54b5aa2cf0455494062792cca97dd183_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54b5aa2cf0455494062792cca97dd183_JaffaCakes118
Size

110KB
MD5

54b5aa2cf0455494062792cca97dd183
SHA1

b827dbac81c73887ca87b83f1c3846e09769e658
SHA256

b923d06f6d302eca105a036ed67711a44ef43eb402781dac3d9d26635f4cc431
SHA512

40f2125aeefe4e8ba1cb7433a24a1c8d68babb3c75816b74375a01dc082848b83fc792c12140c332e531200f8e5d076f74d60245a88023f7b914b005161a636a
SSDEEP

1536:Scn8qiAaq++hL+hnUrAj6iHZVZDns2vCSwLWvIp8eQHEzklgOhi6EKgcEOsyaUh:Scn8qiAaPiGNlZNHIplzkW4EOsyaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54b5aa2cf0455494062792cca97dd183_JaffaCakes118

Files

54b5aa2cf0455494062792cca97dd183_JaffaCakes118
.exe windows:5 windows x86 arch:x86

187b45cfc2de51334dcd6fff5fc19d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GlobalFindAtomA
lstrlenW
GetCommandLineA
RemoveDirectoryA
GetSystemTime
lstrcmpiA
lstrcmpiW
CopyFileA
lstrlenA
QueryPerformanceCounter
DeleteFileA
GetModuleHandleA
RemoveDirectoryW
FindClose
lstrcmpA
VirtualAlloc
VirtualFree

user32

GetDC
TranslateMessage
GetParent
CharNextA
GetSystemMetrics
GetDesktopWindow

gdi32

SetTextAlign
SetStretchBltMode
GetStockObject
RestoreDC
SaveDC
GetObjectA
DeleteObject
CreateSolidBrush
GetPixel
CreateFontIndirectA
SelectPalette
RectVisible
CreatePalette
SelectObject
SetMapMode
SetTextColor
CreateCompatibleDC
LineTo
GetTextMetricsA
GetClipBox
GetDeviceCaps

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ