2e0040fa6fcc4a04fe40572b0f41a775_JaffaCakes118 | Triage

Sharing

General

Target

2e0040fa6fcc4a04fe40572b0f41a775_JaffaCakes118
Size

185KB
MD5

2e0040fa6fcc4a04fe40572b0f41a775
SHA1

1c76c0ec4798551b2c33df063fa320ce6838747f
SHA256

d068a0aa89ca0df7ce860d3a2f0a9f8884227872d41dc1bfafad899c2601169d
SHA512

edc405f1186b8bd1228601dfb8d8c35434b1381352560983b84fd96b4a8edb68fb04d579351a550a34de83e0148869e846f86e651f8b46075b3dc6a869259d84
SSDEEP

3072:oDKDhe77v5/chQ0UgGBvvYpcAAuZxhmW9ezp8GSv/uwjhvt+OqepEB67Qbb0E7Mw:WHRsQTgGEcAb2W9Ept4Fhvt+Ob7s0E7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0040fa6fcc4a04fe40572b0f41a775_JaffaCakes118

Files

2e0040fa6fcc4a04fe40572b0f41a775_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cfb035023a9d2f1487a758885f4cc65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RedrawWindow
ClipCursor
FindWindowA
TrackPopupMenuEx
DestroyMenu
CreatePopupMenu
GetDesktopWindow

kernel32

FlushInstructionCache
LocalFree
LoadLibraryW
LocalAlloc
ExitProcess
SetLocaleInfoW
GetVersionExA
ExitProcess
GetModuleFileNameA

winmm

timeGetTime

rpcrt4

I_RpcFreeBuffer
UuidCreate

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePixelFormat
GdipDisposeImage

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ