184f3ba82c691205f2e9f52d514fb170_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

184f3ba82c691205f2e9f52d514fb170_JaffaCakes118
Size

413KB
MD5

184f3ba82c691205f2e9f52d514fb170
SHA1

a1cf977dbd391f1c970553fb160e305a22772d0e
SHA256

c22e585d8cd5d638bdfc1438e99b4a8f79c731cb4bdca530d58de54925a0fe6d
SHA512

90040512258fe707bd68f86076ec6d92c3092b1c69a9c3b76a13ae92c3c757d5806512a9050ed3f7c620b568581bb25a129bcf629f674db3080e5f2d6db83eed
SSDEEP

6144:LYWXQ7r0pjst48BVA0gP+VdQnQCgIwe/xSqF5loDOvOYbHgG8vpCWS9cXASj8k:6AjCvM0hdCQEptoqvO6AG8Md9cQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
184f3ba82c691205f2e9f52d514fb170_JaffaCakes118

Files

184f3ba82c691205f2e9f52d514fb170_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e44fca71d9598414cbe8da6f25ebc7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ClearCommBreak
GetCommState
GlobalLock
GetTapeStatus
EnterCriticalSection
GlobalFlags
GetProfileStringA
ExitProcess
GetUserDefaultLangID
FindAtomA
GetVolumePathNameA
CreateHardLinkA
GetProcessHeap
GetStdHandle
GetModuleHandleA
GlobalFree
GetOEMCP
CreateJobSet
FormatMessageA
CloseHandle

user32

CloseWindow
GetWindow
GetFocus
RegisterClassA
GetWindowTextA
GetWindowTextLengthA
GetDC
ReleaseDC
IsIconic
GetClassNameA
DrawEdge
GetActiveWindow
GetClassInfoExA
ValidateRect
GetForegroundWindow
BeginPaint
ShowWindow
GetParent
EndPaint

gdi32

CreateDCA
ExtCreatePen
CreateDIBitmap
GetCharWidthA
GetColorSpace

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ