549ebdefcff533a4a9a14ad69ebaf355_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

549ebdefcff533a4a9a14ad69ebaf355_JaffaCakes118
Size

287KB
MD5

549ebdefcff533a4a9a14ad69ebaf355
SHA1

b456956c33331929dbbc15c9a3a216f163eb834e
SHA256

7b0e56d9aa092b730552ad22618ec1e6249101af5713b714298673dacdf24faa
SHA512

c0491d3d1ff4aa3138cf2681e0bfec129dcb096f76dc3de1e8b0ecd69c4d6e150ecef2848c5da98f9c712b95df2a213a29b9267a218a9183c7d4cb123ef7b5f2
SSDEEP

6144:YTjv5TnAkNmk7RwJULuJjGwJDlMMDArqb4mzwv:65TnHNZF4PM9WbtMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
549ebdefcff533a4a9a14ad69ebaf355_JaffaCakes118

Files

549ebdefcff533a4a9a14ad69ebaf355_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04b8dcbf65d36090d665afe3b394c2bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt

gdi32

SetColorAdjustment
AddFontResourceA
CombineTransform
SetPixel
GetPath
SetPaletteEntries
ExtCreateRegion
CreateEllipticRgn
GetStretchBltMode
SetDIBits
SetMiterLimit

kernel32

GetConsoleTitleA
GetVolumeInformationA
GetModuleHandleA
GetBinaryTypeA
GetProcAddress
LoadLibraryA
GetStdHandle
ReadConsoleOutputA
Sleep

user32

DrawTextA
SetWindowPos
GetListBoxInfo

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ