Static task
static1
Behavioral task
behavioral1
Sample
268fc2d6b7141906d7c04374967d8ded_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
268fc2d6b7141906d7c04374967d8ded_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
268fc2d6b7141906d7c04374967d8ded_JaffaCakes118
Size
106KB
MD5
268fc2d6b7141906d7c04374967d8ded
SHA1
2444bfc82ea8ab468cd2a9f12ecca16da2b08a26
SHA256
baf04652915ad1792f4c1c26d930f9b16a0048c8ecd7b9f659151102bb3bc5e5
SHA512
c9a350ce5317221aa29e9dae1f369b7755bf226a89c8d24a8f43a77662b9a5419ae57c2d1bcd49ea028c7bcf26d77466dfac14c1987405af9f147ee55caa83d9
SSDEEP
1536:eVXvQUxbXZ0uPkOPLIkPEF71DGRsoOG3dn3jhHcogAT8In1pNUWZ4:e7T+uhpA7cpOsN3jhj1pNUWZ4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 268fc2d6b7141906d7c04374967d8ded_JaffaCakes118
Files
268fc2d6b7141906d7c04374967d8ded_JaffaCakes118.exe windows:4 windows x86 arch:x86
f5747d7ce447220b11c7af503a8aa3a4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
DeleteFileA
QueryPerformanceCounter
lstrcmpiW
RemoveDirectoryA
GetModuleHandleA
lstrcmpiA
GetWindowsDirectoryA
GetCommandLineA
lstrlenA
CopyFileA
GlobalFindAtomA
RemoveDirectoryW
FindClose
lstrlenW
lstrcmpA
VirtualAlloc
VirtualFree
gdi32
CreateCompatibleDC
GetStockObject
CreatePalette
LineTo
SetTextAlign
SetStretchBltMode
SetMapMode
CreateSolidBrush
CreateFontIndirectA
SelectObject
RestoreDC
SetTextColor
GetObjectA
GetDeviceCaps
GetClipBox
SelectPalette
GetTextMetricsA
RectVisible
DeleteDC
user32
GetParent
TranslateMessage
CharNextA
GetDC
GetDesktopWindow
GetSystemMetrics
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ