Static task
static1
Behavioral task
behavioral1
Sample
669c744c3bcc5b8a9012a97e21668e15_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
669c744c3bcc5b8a9012a97e21668e15_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 669c744c3bcc5b8a9012a97e21668e15_JaffaCakes118
Size: 183KB
MD5: 669c744c3bcc5b8a9012a97e21668e15
SHA1: 75e030aae57d82cbecbe560f6f8aa5732298fb53
SHA256: 4b6ecb259fe1353a62730ee095189255a385a94b274f31735b5f105e9de4d45b
SHA512: a1f248c2b8ffbdd8f17c2895c50d823d4d96200f72a85450dea169cd2b57eeb163f620061e8e172fd4bb9d1b9d85f03229e145deb78b7c668f86fb8108ab4151
SSDEEP: 3072:unVtZcpvBhpkSHiYbijG1YdQVwZNE1D5+9gtLYN0yK2qJvkZxbXIIoRenF7S7W:uHiVP5toEY+IERqt82qxks5QF7S7W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 669c744c3bcc5b8a9012a97e21668e15_JaffaCakes118
Files
669c744c3bcc5b8a9012a97e21668e15_JaffaCakes118.exe windows:4 windows x86 arch:x86
839858cfb368eef0dbca0500c4b25a5b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
rpcrt4
I_RpcFreeBuffer
UuidCreate
kernel32
FlushInstructionCache
GetVersionExA
LocalAlloc
LoadLibraryW
ExitProcess
SetLocaleInfoW
LocalFree
ExitProcess
GetModuleFileNameA
msimg32
AlphaBlend
TransparentBlt
user32
DestroyMenu
CreatePopupMenu
RedrawWindow
ClipCursor
FindWindowA
TrackPopupMenuEx
GetDesktopWindow
gdiplus
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage
Sections
.text Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ