3ff3aa607a9a6503ebf779521170d8d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ff3aa607a9a6503ebf779521170d8d3_JaffaCakes118
Size

178KB
MD5

3ff3aa607a9a6503ebf779521170d8d3
SHA1

e22004ef499492b8cb0313de811c0a621652627d
SHA256

956e31db3ae15632c36fa37eaefc23b450365d0392640073fede04eaedce5812
SHA512

99d453fba3b067d1085436bac4ec9c107160ef5b1a5e44e4f0b57955ca0903a461fe14660e766b8be0805f8ae3d199669ed749995be6fead8b9a4b125ff01729
SSDEEP

3072:RuuQAIsgRU0iRNri3asFjilMxENIXeUgnR/0Co4ltxeo7UcmcvKnl8SqF7d:wuQAIBeNribRwMxMII+YK3ool8Swd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff3aa607a9a6503ebf779521170d8d3_JaffaCakes118

Files

3ff3aa607a9a6503ebf779521170d8d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7507916fd80d1b24ee23f8a4e468a031

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

CreatePopupMenu
DestroyMenu
ClipCursor
FindWindowA
RedrawWindow
TrackPopupMenuEx
GetDesktopWindow

gdi32

GetObjectType
CreatePen
CreateDIBSection
DeleteDC
LineTo
StretchBlt
CreateDCW
CreateCompatibleDC
BitBlt
SetStretchBltMode
SelectObject
CreateBitmap

gdiplus

GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDisposeImage

rpcrt4

I_RpcFreeBuffer
UuidCreate

winmm

timeGetTime

kernel32

FlushInstructionCache
ExitProcess
GetVersionExA
LoadLibraryW
ExitProcess
SetLocaleInfoW
LocalFree
LocalAlloc
GetModuleFileNameA

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ