311fc59a8388cee40b5f60701a5874ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

311fc59a8388cee40b5f60701a5874ec_JaffaCakes118
Size

133KB
MD5

311fc59a8388cee40b5f60701a5874ec
SHA1

2a6c185ea0e6e6b78e6b13f5717ce819f99e3527
SHA256

67c02036d7b3574cccee9f559cd0e07724192e4922ff1092b2b62ce70bb1d612
SHA512

fda9f90079fecea10aa50abd8b6be3cc4c9a1d231000eb1630d8504b0bb8cf66ee25742119152297564d554f6d6fc8e04c1223e0766ba9f80c3e5823cb09f79b
SSDEEP

3072:m3qtFg0Jd34l1rVpU0ly0jIcVZnCQsP9jla8ham0mWF:9rFJd4l1rVpUT0YVhasKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311fc59a8388cee40b5f60701a5874ec_JaffaCakes118

Files

311fc59a8388cee40b5f60701a5874ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e5385aaca333e506a8573940516da1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
LineTo
SelectObject
DeleteDC
GetClipBox
GetDeviceCaps
RectVisible
CreatePalette
CreateCompatibleDC
CreateSolidBrush
CreateFontIndirectA
GetStockObject
SetMapMode
SetStretchBltMode
DeleteObject
GetObjectA
SetTextAlign
GetPixel

kernel32

lstrcmpiA
CopyFileA
RemoveDirectoryA
lstrlenA
QueryPerformanceCounter
lstrcmpiW
lstrcmpA
GetSystemTime
lstrlenW
DeleteFileA
GetWindowsDirectoryA
GetCommandLineA
GetModuleHandleA
RemoveDirectoryW
FindClose
GlobalFindAtomA
VirtualAlloc
VirtualFree

user32

CharNextA
TranslateMessage
GetSystemMetrics
GetParent
GetDesktopWindow
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE