184f02c68da0d21db52262ab6da5a65d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

184f02c68da0d21db52262ab6da5a65d_JaffaCakes118
Size

459KB
MD5

184f02c68da0d21db52262ab6da5a65d
SHA1

ed163eeb109890b1fdef241461be3f4ff15f5a5a
SHA256

5990cf32d762b3ae5fafc7699a30de57e870b286e75619884dce34f908986829
SHA512

6ec0f033c8f18e706d8f9857dbf3321e9fff5723538d92654e83332b5eb281b8d67599f8de6ffe609c878158734463ebdb3381d4adbe5da1619f5bad26f34ca9
SSDEEP

12288:jotXiIwK3GINX9ytofLHo4a5QCLXE1cibF:jothnGaU+fLI4NCLgci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
184f02c68da0d21db52262ab6da5a65d_JaffaCakes118

Files

184f02c68da0d21db52262ab6da5a65d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81fe8ce74dd86b2654f82a61bcea4c24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

AdjustTokenPrivileges

comctl32

FlatSB_GetScrollInfo

comdlg32

ChooseColorW

gdi32

BitBlt

msimg32

AlphaBlend

ole32

CLSIDFromString

oleaut32

SafeArrayCreate

psapi

GetModuleFileNameExA

shell32

ExtractIconA

user32

ActivateKeyboardLayout

version

GetFileVersionInfoSizeW

winmm

timeGetTime

Sections

.text
Size: 352KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE