3a45d4b0040f61e5d0a6f5ad7db182d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a45d4b0040f61e5d0a6f5ad7db182d7_JaffaCakes118
Size

183KB
MD5

3a45d4b0040f61e5d0a6f5ad7db182d7
SHA1

db971d1ba9e1b2075650cc72e500a998faebc2a0
SHA256

c443ca5893168e92714325dd737d20a15b8510b7af15dff9c45be0bbbaf8a070
SHA512

2f49670b8b89b4aba44dd75d2e1284a50e699c5c9807cdf52460e28048eea1fa8edce5938d966d9f41c21440d44151abbcae44a6dc1b273445d439f24a2365df
SSDEEP

3072:cZOxziiYTQUFJsFtN8NYdM4ZGEo/d/baIjhJ7O3Y7X7HHciBgWmIMbN2OTIr2l0:xziBQUFJsFtN8NYdM4YEc/bJ1kWn5mIr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a45d4b0040f61e5d0a6f5ad7db182d7_JaffaCakes118

Files

3a45d4b0040f61e5d0a6f5ad7db182d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1b8b1560d8e2a449fbd31c2a0265d7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

gdi32

SelectObject
StretchBlt
SetStretchBltMode
LineTo
CreateDCW
CreateCompatibleDC
BitBlt
GetObjectType
CreatePen
CreateDIBSection
DeleteDC
CreateBitmap

user32

DestroyMenu
RedrawWindow
ClipCursor
FindWindowA
TrackPopupMenuEx
CreatePopupMenu
GetDesktopWindow

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage

winmm

timeGetTime

kernel32

FlushInstructionCache
LoadLibraryW
LocalFree
ExitProcess
ExitProcess
SetLocaleInfoW
LocalAlloc
GetVersionExA
GetModuleFileNameA

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ