3ba9c4fa227d0da8981fe06bade8cf33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ba9c4fa227d0da8981fe06bade8cf33_JaffaCakes118
Size

160KB
MD5

3ba9c4fa227d0da8981fe06bade8cf33
SHA1

caaeda0f888bbcb21a52697491cfc44eebf7809a
SHA256

01ae2df1a99142bd3c74d59d3f886b295c63fb56cbd97cec4569ff0bb454d86c
SHA512

058af96ea5652df02747a963e757d4548ff0770395ff5043525f5e3f028ece97fee9a798fbe0f771ff47235c0697164112166e50f38980d008be60348f2b6855
SSDEEP

3072:CMFGNG1soYsMALy+xMiHyPy1GMCto5k2soAKBTULf+:xGaY4yWvH/WtoRs6gb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba9c4fa227d0da8981fe06bade8cf33_JaffaCakes118

Files

3ba9c4fa227d0da8981fe06bade8cf33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b06e0400d4457dc601f4d7a3a97ba175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
FindWindowA
ClipCursor
TrackPopupMenuEx
RedrawWindow
CreatePopupMenu
GetDesktopWindow

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

ole32

CoUninitialize
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance

gdi32

BitBlt
StretchBlt
GetObjectType
CreateDIBSection
CreateDCW
CreatePen
SelectObject
LineTo
DeleteDC
SetStretchBltMode
CreateCompatibleDC
CreateBitmap

kernel32

GetHandleInformation
GetVersionExA
TransmitCommChar
LocalAlloc
EnumResourceNamesW
ExitProcess
LoadLibraryW
LocalFree
ExitProcess
GetModuleFileNameA

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipDisposeImage

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ