Static task
static1
Behavioral task
behavioral1
Sample
2e1af8d5f4006317e134af3615ab6d8e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2e1af8d5f4006317e134af3615ab6d8e_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2e1af8d5f4006317e134af3615ab6d8e_JaffaCakes118
Size
108KB
MD5
2e1af8d5f4006317e134af3615ab6d8e
SHA1
a9bd7a212f5128e250245abedf261c954a65bdbc
SHA256
7b8f645b561ae9c999e0dcfb7b9811923099c508b1a4a2f7a608e3d17272bd7a
SHA512
bab05284fc204c89f9a3d599975a8eb2de5d4b84cf6b7b6c4ff35ceb1fd08ca1bace12c62686ea7fc7f2e3f7d6d145edd3f8b4ceef4fa3b9a66ed3c3b9b4ce2e
SSDEEP
1536:pYf8YPdug34qWHoho+iUwbD79EGQMcEXHTN2pn3u6EsCConmQ7:pxYPdJ3XWIWYwrpKIECConm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e1af8d5f4006317e134af3615ab6d8e_JaffaCakes118
Files
2e1af8d5f4006317e134af3615ab6d8e_JaffaCakes118.exe windows:4 windows x86 arch:x86
5ec7c0bf8443ed9a4100140d907a8c71
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
lstrcmpiA
GetWindowsDirectoryA
lstrcmpA
DeleteFileA
GetSystemTime
lstrlenA
lstrlenW
VirtualAlloc
RemoveDirectoryA
QueryPerformanceCounter
lstrcmpiW
GlobalFindAtomA
VirtualFree
GetModuleHandleA
RemoveDirectoryW
FindClose
CopyFileA
user32
TranslateMessage
GetSystemMetrics
GetDesktopWindow
CharNextA
GetDC
GetParent
gdi32
GetClipBox
CreatePalette
LineTo
DeleteObject
GetTextMetricsA
SetTextAlign
SelectPalette
SetStretchBltMode
GetObjectA
SetTextColor
CreateFontIndirectA
RestoreDC
GetDeviceCaps
SaveDC
CreateSolidBrush
RectVisible
SetMapMode
GetStockObject
DeleteDC
SelectObject
GetPixel
CreateCompatibleDC
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ