171c9eff81e2d125849cf72980dfa124_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

171c9eff81e2d125849cf72980dfa124_JaffaCakes118
Size

186KB
MD5

171c9eff81e2d125849cf72980dfa124
SHA1

061ac9b7d9a3e6d429c6f14981fefea55609b500
SHA256

3f33118eeef90ac22ee70cabae24cf1b1ebb6271246add4608eca38469362baa
SHA512

5ce1a7d9b20ada1aeea88b93356abbf65a5a16eb3a41bfd0dff5171324cc715bdb95c03bb9840f09756e8745a7b1ad2e70f342f7835373f803dff84319111f16
SSDEEP

3072:WIW8OUJ1qTQfv6UZQT3O/yTMW1yWSuWmdLHElNlQA11AFCTgUzcmOMs0+b6o:WI+UWkH6UZQT38rW1SuWmuLQA11AGgRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171c9eff81e2d125849cf72980dfa124_JaffaCakes118

Files

171c9eff81e2d125849cf72980dfa124_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5574015ba499c9571ac74eb0188aac37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

gdiplus

GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage

kernel32

FlushInstructionCache
LocalAlloc
GetVersionExA
LoadLibraryW
ExitProcess
SetLocaleInfoW
LocalFree
ExitProcess
GetModuleFileNameA

msimg32

AlphaBlend
TransparentBlt

user32

RedrawWindow
ClipCursor
CreatePopupMenu
DestroyMenu
FindWindowA
TrackPopupMenuEx
GetDesktopWindow

rpcrt4

I_RpcFreeBuffer
UuidCreate

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ