39651e474d7ef8d52f4f18db91b7ee56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39651e474d7ef8d52f4f18db91b7ee56_JaffaCakes118
Size

163KB
MD5

39651e474d7ef8d52f4f18db91b7ee56
SHA1

9b9ac436b8724d7dfb44d83d6b03cd01d93ddf89
SHA256

3d0f989fc95274b43cf46cfa33e589d503ea57935750d9795bd4a9340b9d11db
SHA512

20393837cbd6a2bce87186ba9c160b99f4a29779770384431fb36f6d3d2266fdc8bdb0b4970734c5d56c268aa426c44712d357e37791634c19914703db3aefc9
SSDEEP

3072:WyF+SNCcKZg00H7jX3/Cy2drThcc7pFGlfcb3JT1lDFiR+wZF:dFtNPpj2VtrTGlfI3JT1xFiZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39651e474d7ef8d52f4f18db91b7ee56_JaffaCakes118

Files

39651e474d7ef8d52f4f18db91b7ee56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95daf1a08c30123c676b6b3786f13978

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleInformation
LocalFree
TransmitCommChar
ExitProcess
EnumResourceNamesW
ExitProcess
LocalAlloc
LoadLibraryW
GetVersionExA
GetModuleFileNameA

gdiplus

GdipGetImageHeight
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImagePixelFormat
GdipDisposeImage

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

user32

ClipCursor
CreatePopupMenu
RedrawWindow
FindWindowA
DestroyMenu
TrackPopupMenuEx
GetDesktopWindow

gdi32

SetStretchBltMode
DeleteDC
CreatePen
StretchBlt
CreateCompatibleDC
SelectObject
CreateDCW
CreateDIBSection
BitBlt
GetObjectType
LineTo
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

ole32

CoFreeUnusedLibraries
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateInstance

winmm

timeGetTime

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ