cf8877f4f72d61ca2f00df10398dc30b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf8877f4f72d61ca2f00df10398dc30b_JaffaCakes118
Size

172KB
MD5

cf8877f4f72d61ca2f00df10398dc30b
SHA1

17246d32b23f178f0253b0d2c28ee910da7947e2
SHA256

9b296d5b06bd097762ce12e8f52acec15bf35ca42aea37ac179ac3d89ad74cf2
SHA512

3b8b2016b11f2e1a37160abbd8441be8117862867a9ec37047fc0b4b49f1ca44c1b0a5afe190db1935e0ed52686f95ecd34785622a0d8a6e4cc2383b98f17d32
SSDEEP

3072:qJtReEO8/bAOmjMfW5pPqKXH+aWZxqzr2F2MX0+h3HMjOueu0yfjakZdfM6k3:uRe9IAOOMGP5X+aWueke00G82ja4C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf8877f4f72d61ca2f00df10398dc30b_JaffaCakes118

Files

cf8877f4f72d61ca2f00df10398dc30b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42570c0e4dc8f2f4ac10ca270e20cfce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

kernel32

SetHandleInformation
LoadLibraryW
TransmitCommChar
GetVersionExA
EnumResourceNamesW
ExitProcess
LocalAlloc
ExitProcess
LocalFree
GetModuleFileNameA

gdi32

DeleteDC
CreateCompatibleDC
SetStretchBltMode
CreateDIBSection
CreateDCW
CreatePen
GetObjectType
StretchBlt
SelectObject
LineTo
BitBlt
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

ole32

CoFreeUnusedLibraries
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance

user32

ClipCursor
RedrawWindow
CreatePopupMenu
TrackPopupMenuEx
DestroyMenu
FindWindowA
GetDesktopWindow

gdiplus

GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipDisposeImage

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ