b87e04c337f41a00b591f334ec606dbf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b87e04c337f41a00b591f334ec606dbf_JaffaCakes118
Size

160KB
MD5

b87e04c337f41a00b591f334ec606dbf
SHA1

61530ca24d957e4928d3998ac9d581e55b5244ca
SHA256

09abce4eda185f5bb959291597b4c667353cd5d6bea48c824afae1a9d44f0a8f
SHA512

055e7d0b52b02fc1b0c5b5fad325c6c476104692e1f5b4b0e9aef070c393d7a9d98da90028adc4e9997b6cb07cf00ae5d6663e8ea0898e576d3a7a20d4d430ea
SSDEEP

3072:CMFGNG1soYsMALy+xMiHyPy1GMCto5k2soAKBTULf+:xGaY4yWvH/WtoRs6gb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b87e04c337f41a00b591f334ec606dbf_JaffaCakes118

Files

b87e04c337f41a00b591f334ec606dbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b06e0400d4457dc601f4d7a3a97ba175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
FindWindowA
ClipCursor
TrackPopupMenuEx
RedrawWindow
CreatePopupMenu
GetDesktopWindow

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

ole32

CoUninitialize
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance

gdi32

BitBlt
StretchBlt
GetObjectType
CreateDIBSection
CreateDCW
CreatePen
SelectObject
LineTo
DeleteDC
SetStretchBltMode
CreateCompatibleDC
CreateBitmap

kernel32

GetHandleInformation
GetVersionExA
TransmitCommChar
LocalAlloc
EnumResourceNamesW
ExitProcess
LoadLibraryW
LocalFree
ExitProcess
GetModuleFileNameA

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipDisposeImage

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ