Static task: static1
Behavioral task: behavioral1
Sample: 2ae42536c88d829cee6ac2ead8a338af_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2ae42536c88d829cee6ac2ead8a338af_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2ae42536c88d829cee6ac2ead8a338af_JaffaCakes118
Size: 117KB
MD5: 2ae42536c88d829cee6ac2ead8a338af
SHA1: 9134a72b916214f5664267c4de9c213936841c2d
SHA256: 9d9c47a148a689c0b0f43f784dbc80852baee8d10e1b0ad0df8fdd5b76471198
SHA512: be61703a852501b31332281b7008bd9054a5154cb0a257b17cf2e3c07bc94488f80054efd03cacf4bfaf2fcdfad27059e033c877ce3e9986e3a29f1c8cc6a0ec
SSDEEP: 1536:MSmFqku1/kIcZowYbZV+z9f4L18VdMqWCgRbQdEdTFi6EQQZLD/YRtfnV:VQU1/kI/nNUzoKVdrWCgDgLD/itv
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2ae42536c88d829cee6ac2ead8a338af_JaffaCakes118
Files
2ae42536c88d829cee6ac2ead8a338af_JaffaCakes118.exe windows:5 windows x86 arch:x86
963bf9857bbc5d9b34e86208f58a1556
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
lstrcmpiW
GlobalFindAtomA
DeleteFileA
lstrcmpA
GetModuleHandleA
RemoveDirectoryW
FindClose
lstrlenW
RemoveDirectoryA
QueryPerformanceCounter
lstrlenA
GetCommandLineA
VirtualAlloc
VirtualFree
user32
GetDC
TranslateMessage
GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
gdi32
GetStockObject
SelectObject
GetClipBox
SetStretchBltMode
SetMapMode
CreateSolidBrush
CreateFontIndirectA
GetPixel
SetTextColor
CreateCompatibleDC
SaveDC
RestoreDC
DeleteDC
SetTextAlign
SelectPalette
DeleteObject
LineTo
CreatePalette
GetDeviceCaps
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ