49678b04c5f985e9ba1750526ef7b086_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49678b04c5f985e9ba1750526ef7b086_JaffaCakes118
Size

183KB
MD5

49678b04c5f985e9ba1750526ef7b086
SHA1

83784aa0778470316c008bab6144a26e43bc0a90
SHA256

7a690bfa895b81c7a31b5378b1b6da1e200d325d7d56efb846cbc33998c0e5ca
SHA512

1d27ef3f1ab001ff7d9a00aeabba432de31899180051ab4042cdc0d4192da96d1d7d7dac50e3801fe74b1b34c9c666910e60356e81cc6eada0c3e0034e01714c
SSDEEP

3072:1jItKNxLsBnWgxOqMBmnTSE++aW71Fz4eZkTgIE3JGbjgS1Ih:1EtKNxsBnWgxOYRTn49gIEkbkS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49678b04c5f985e9ba1750526ef7b086_JaffaCakes118

Files

49678b04c5f985e9ba1750526ef7b086_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11468e5e1c59f382794d4a864bd51156

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

gdi32

StretchBlt
CreateDIBSection
SelectObject
CreateCompatibleDC
LineTo
DeleteDC
CreateDCW
GetObjectType
SetStretchBltMode
CreatePen
BitBlt
CreateBitmap

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

ole32

CoInitialize
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance

winmm

timeGetTime

kernel32

FlushInstructionCache
LocalFree
LoadLibraryW
ExitProcess
ExitProcess
SetLocaleInfoW
LocalAlloc
GetVersionExA
GetModuleFileNameA

gdiplus

GdipGetImagePixelFormat
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipDisposeImage

msimg32

AlphaBlend
TransparentBlt

user32

CreatePopupMenu
DestroyMenu
FindWindowA
RedrawWindow
ClipCursor
TrackPopupMenuEx
GetDesktopWindow

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ