0f3483c9d4d76efd0ae8f1445497f96f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f3483c9d4d76efd0ae8f1445497f96f_JaffaCakes118
Size

136KB
MD5

0f3483c9d4d76efd0ae8f1445497f96f
SHA1

1eb984a4e0d54bdba2f562827c273e9a15b5f50d
SHA256

b1e0971f5570f4ef4a39170fe34244b2a0c1ceb9582da09bd12ee0917bbc384d
SHA512

774cff60df82945560be491b9ddaff89b8978a4bcf24e65a0914941adb2537ebbb793f2f3e81dff36a8b1b08f334fd428e9b06a535f9ef836c9289376e7f0341
SSDEEP

3072:ZiYWQgYEVC1qTcHFd8lYlCi8HtC8mP2ROLZFbD6VUXBwt:2AqTcHFdmYlCvs8mPvr6V4et

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f3483c9d4d76efd0ae8f1445497f96f_JaffaCakes118

Files

0f3483c9d4d76efd0ae8f1445497f96f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d233fab522f576c945174edb61669222

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
DeleteFileA
RemoveDirectoryW
GlobalFindAtomA
FindClose
GetModuleHandleA
lstrlenW
GetWindowsDirectoryA
CopyFileA
lstrcmpiA
RemoveDirectoryA
QueryPerformanceCounter
GetSystemTime
lstrcmpA
lstrcmpiW
GetCommandLineA
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetParent
GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow

gdi32

LineTo
GetDeviceCaps
SetMapMode
CreateFontIndirectA
CreateSolidBrush
SetTextAlign
SelectPalette
SaveDC
CreatePalette
RectVisible
GetObjectA
GetStockObject
DeleteObject
RestoreDC
SelectObject
DeleteDC
CreateCompatibleDC
SetTextColor
GetPixel
GetClipBox
SetStretchBltMode

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE