31f0d7c78c9387889ae56c86e15ae445_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31f0d7c78c9387889ae56c86e15ae445_JaffaCakes118
Size

259KB
MD5

31f0d7c78c9387889ae56c86e15ae445
SHA1

52f80356288ec71f3b09ccc6ac5b50c3e8425ef2
SHA256

959cb41892253cb8abb9c0971b1c7d0a3eaa21970132a9dcf4d2a7af92f3b49f
SHA512

801e1093c5f6191ee33a142456753f6a95b9c4ec6538f55cbb75ff3e28fd89ee1b1420dd5230c79ae40b1053ae9c3039681fad28d15847bfc7e6a34026238937
SSDEEP

3072:qsON2fI/EO7FJcUekbJDWWIIGoyGXfDklfpaKTa7uTDstS5l8E7qGLFyZO2beHva:qjoI9BusPfD+Rama7uTDstS5QGZvWS4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f0d7c78c9387889ae56c86e15ae445_JaffaCakes118

Files

31f0d7c78c9387889ae56c86e15ae445_JaffaCakes118
.exe windows:4 windows x86 arch:x86

373ba7e4ffd7cf8dc231af2b814dd006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
SetBkMode
SetTextAlign
SetTextColor
SetBkColor
DeleteDC
ExtTextOutW
SelectObject
CreateCompatibleDC

kernel32

GetCommandLineW
FreeLibrary
GetProcAddress
GetStringTypeA
LoadLibraryA
WideCharToMultiByte
DeleteFileA
GetFileAttributesA
GetTempPathA
GetTempPathW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFile
LockFileEx
UnlockFile

oleaut32

SafeArrayDestroyDescriptor
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

user32

GetKeyState
EnableWindow
CharLowerA

msimg32

TransparentBlt

Sections

.text
Size: 205KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE