3698314182dcefec4ff62b24b08d5474_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3698314182dcefec4ff62b24b08d5474_JaffaCakes118
Size

110KB
MD5

3698314182dcefec4ff62b24b08d5474
SHA1

4994c8662797573c37b6ccac097b6938293dec55
SHA256

bbe61ccd01b6d4a370297a469881633acf4c9e80dc968c9946e818118c89b099
SHA512

dbc27443e19f70851f3c5170a256a089d425d59eed14f83c11ad97b36878d7bc682ca703150325b96b82ad9915f41cb6bd5a50ac485f54973a8f4e4235c0d3d9
SSDEEP

1536:k1IgJVOJsxDCDJDF9AWwnjnQPF8SBJvvr7Uu9NyYbLY9zRugssnui6RfR/bZ4Wzi:tgJoimrWnrQaSPvv/xbbE9ogSbuEqln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3698314182dcefec4ff62b24b08d5474_JaffaCakes118

Files

3698314182dcefec4ff62b24b08d5474_JaffaCakes118
.exe windows:5 windows x86 arch:x86

20e973c37e556debb50eee3559c7b43e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
TranslateMessage
GetParent
CharNextA
GetDC
GetSystemMetrics

gdi32

SetStretchBltMode
CreateCompatibleDC
CreateSolidBrush
GetObjectA
DeleteObject
SetMapMode
SetTextAlign
CreateFontIndirectA
SaveDC
SetTextColor
GetClipBox
SelectObject
CreatePalette
RestoreDC
RectVisible
LineTo
GetDeviceCaps
GetTextMetricsA
DeleteDC
GetPixel
GetStockObject

kernel32

GlobalFindAtomA
GetSystemTime
CopyFileA
RemoveDirectoryW
FindClose
lstrcmpiW
DeleteFileA
QueryPerformanceCounter
GetModuleHandleA
RemoveDirectoryA
lstrlenW
GetCommandLineA
lstrcmpA
lstrcmpiA
GetWindowsDirectoryA
lstrlenA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ