Static task: static1
Behavioral task: behavioral1
Sample: 16ea7837f09d32b5fab8630c003bf4a5_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 16ea7837f09d32b5fab8630c003bf4a5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 16ea7837f09d32b5fab8630c003bf4a5_JaffaCakes118
Size: 117KB
MD5: 16ea7837f09d32b5fab8630c003bf4a5
SHA1: cc06dad2a3b13c1b9295371aa6adc05306c8f764
SHA256: b1d5ec3f43334133ae292510574be2ed5ce340ba5aed9d655f2054c196596b58
SHA512: 8268b58d3004fc20b1977d3b101946a7967afb5bd3b31686e12ba13677ff03fbd09ee27f68cd8f068cd23c1e8d28a86f13cbd42b0e8c881095e07d3b97c79861
SSDEEP: 3072:mSgg9cpoCfqjco28FB/Kg5K8hO+o1CpR:hHHf1FBCgjhl
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 16ea7837f09d32b5fab8630c003bf4a5_JaffaCakes118
Files
16ea7837f09d32b5fab8630c003bf4a5_JaffaCakes118.exe windows:5 windows x86 arch:x86
65d0966abc7aae03ad981e4ddcb1925d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
RemoveDirectoryA
lstrcmpiA
CopyFileA
DeleteFileA
lstrcmpA
GetWindowsDirectoryA
GetSystemTime
lstrlenW
GetCommandLineA
lstrlenA
RemoveDirectoryW
FindClose
lstrcmpiW
GlobalFindAtomA
VirtualAlloc
VirtualFree
GetModuleHandleA
gdi32
GetDeviceCaps
CreateCompatibleDC
CreateSolidBrush
RestoreDC
GetPixel
SelectPalette
GetTextMetricsA
CreateFontIndirectA
LineTo
SetMapMode
SetTextAlign
GetObjectA
SelectObject
GetStockObject
GetClipBox
SetTextColor
RectVisible
CreatePalette
DeleteDC
SetStretchBltMode
user32
TranslateMessage
GetParent
GetDesktopWindow
CharNextA
GetSystemMetrics
GetDC
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ