64694806cc4854cee65cfe533e8a0d78_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64694806cc4854cee65cfe533e8a0d78_JaffaCakes118
Size

184KB
MD5

64694806cc4854cee65cfe533e8a0d78
SHA1

1adc985c2da7caaa1c1a1c54948010d55f502ff4
SHA256

62cd4e6fa3296bf0a5748ea334f3dc4542e43c37574cc376dc6e39b3ffe0543c
SHA512

b94c026adfd8467efd8ab69e1d09400e55cd5e49d97bc62f00cc994b866d31fd0234f0eb8c0d7b577af944349e6781c288ff3a6e70351aba55f13633d3ba6fc5
SSDEEP

3072:bVjDS1j4xHzv7BV+ADmf+LbRD6MTZHXnd7tBjqJQMl1d7upxCig6gY/PgMGI5XZ2:hjiMxHzDf+AU+LbRDx9XnNt0b7ufgMGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64694806cc4854cee65cfe533e8a0d78_JaffaCakes118

Files

64694806cc4854cee65cfe533e8a0d78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f261c931701b7d4a50cefd7c7cb6c52a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

msimg32

AlphaBlend
TransparentBlt

user32

CreatePopupMenu
RedrawWindow
DestroyMenu
FindWindowA
TrackPopupMenuEx
ClipCursor
GetDesktopWindow

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipDisposeImage

rpcrt4

I_RpcFreeBuffer
UuidCreate

kernel32

FlushInstructionCache
GetVersionExA
LocalAlloc
LocalFree
ExitProcess
SetLocaleInfoW
ExitProcess
LoadLibraryW
GetModuleFileNameA

gdi32

SetStretchBltMode
SelectObject
CreatePen
DeleteDC
CreateCompatibleDC
CreateDIBSection
CreateDCW
GetObjectType
BitBlt
StretchBlt
LineTo
CreateBitmap

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ