5bda03706a7bb9d571a196c4ac3abdc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bda03706a7bb9d571a196c4ac3abdc0_JaffaCakes118
Size

179KB
MD5

5bda03706a7bb9d571a196c4ac3abdc0
SHA1

81f69f606145044e22c6064bc8aca75349b2f937
SHA256

241fbd9075012771b005c6fda7ce5e05a57faa0f0a01a719fd30c16c0d742495
SHA512

e866bdcff86576e3771a279bf5c64f04ef861c55091e560a8ba0cc46855f5df571a68b82a4a03e1733b066ff47eb8e26ed4972e10f5ecc3cefa565cea7d56d5e
SSDEEP

3072:7UF/iUXxKzi1sF+GAYX0FfMMd1rqM/2XgxYvw99MZtgGr:4F/i0xqNTEFv1LeXgxYvw92H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bda03706a7bb9d571a196c4ac3abdc0_JaffaCakes118

Files

5bda03706a7bb9d571a196c4ac3abdc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5768a2035f3d04a48e85d18eec4891b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
RedrawWindow
TrackPopupMenuEx
ClipCursor
CreatePopupMenu
FindWindowA
GetDesktopWindow

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

gdi32

BitBlt
SelectObject
DeleteDC
StretchBlt
CreateDCW
LineTo
SetStretchBltMode
CreateCompatibleDC
GetObjectType
CreateDIBSection
CreatePen
CreateBitmap

rpcrt4

I_RpcFreeBuffer
UuidCreate

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance

kernel32

FlushInstructionCache
ExitProcess
LocalFree
GetVersionExA
ExitProcess
SetLocaleInfoW
LoadLibraryW
LocalAlloc
GetModuleFileNameA

winmm

timeGetTime

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ