48b5c3d5a64651b02186b4f5b5144c37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48b5c3d5a64651b02186b4f5b5144c37_JaffaCakes118
Size

183KB
MD5

48b5c3d5a64651b02186b4f5b5144c37
SHA1

3c7f99b23c2ce182dfeeb0e293cd76ada67e271f
SHA256

3a28c21c8d4fba8466fb84acf8a7b45fd70f836732063db1e9c5898956bdf4ee
SHA512

95f47c38a6288cf130245d8724a5f4007443414b8782edf4dbfd47a45d4aaaf4263b4e0fa90fbfc7a722bc1738cdb35f89130d9ca6308c8857f8233dfcafd2b7
SSDEEP

3072:gJ8H5UfPWkTlWyCKb/WhexekFU9fW0pzLOkB3TM6kmLX1XNQC:+8HEWkTlMKbuIxeXPp3OkB0cX19

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48b5c3d5a64651b02186b4f5b5144c37_JaffaCakes118

Files

48b5c3d5a64651b02186b4f5b5144c37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e4ff07c4cf3930ed3ad3eabae47632a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TrackPopupMenuEx
DestroyMenu
CreatePopupMenu
RedrawWindow
FindWindowA
ClipCursor
GetDesktopWindow

winmm

timeGetTime

kernel32

FlushInstructionCache
ExitProcess
LoadLibraryW
LocalFree
ExitProcess
SetLocaleInfoW
LocalAlloc
GetVersionExA
GetModuleFileNameA

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePixelFormat
GdipDisposeImage

rpcrt4

I_RpcFreeBuffer
UuidCreate

gdi32

GetObjectType
CreateCompatibleDC
DeleteDC
SelectObject
BitBlt
SetStretchBltMode
StretchBlt
CreateDIBSection
LineTo
CreateDCW
CreatePen
CreateBitmap

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ