54f96968235b97b88dc351c5b53c369b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54f96968235b97b88dc351c5b53c369b_JaffaCakes118
Size

111KB
MD5

54f96968235b97b88dc351c5b53c369b
SHA1

8589ec6d67520e6f44c076bf0ed00c8b9ca6f9b1
SHA256

bd86cec344cac4236135cb4c9391a12e7e06dca29c950297d2211bfa60f54281
SHA512

68000a70d2a5012b03881441f1a7d085d99c2efa0b63731d36ba10e283f3688cdeda27ec25abfab1ffd6dc5f0987f0a2787ec15e52ccfda3cfc6d16f80091800
SSDEEP

1536:xxyB5QAaBkZdjTLKaID8pVVEXU4vtHGR3RubBh2N44K7IuXv3i6E8psH3VYmXU:fyBORsDcVE3s4KMAwH3VYk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54f96968235b97b88dc351c5b53c369b_JaffaCakes118

Files

54f96968235b97b88dc351c5b53c369b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1df9aeb82ce3f25ca5bc28df84e65d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
RestoreDC
CreatePalette
SaveDC
SelectObject
SetMapMode
SetStretchBltMode
GetDeviceCaps
CreateCompatibleDC
SetTextColor
GetStockObject
RectVisible
DeleteDC
DeleteObject
CreateFontIndirectA
SelectPalette
SetTextAlign
GetObjectA
LineTo
GetPixel
GetClipBox
GetTextMetricsA

kernel32

GetModuleHandleA
GlobalFindAtomA
GetWindowsDirectoryA
lstrcmpiW
DeleteFileA
QueryPerformanceCounter
GetCommandLineA
lstrcmpA
lstrlenA
lstrcmpiA
RemoveDirectoryW
FindClose
RemoveDirectoryA
lstrlenW
VirtualAlloc
CopyFileA
VirtualFree

user32

GetParent
GetDC
TranslateMessage
GetSystemMetrics
CharNextA
GetDesktopWindow

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ