230334dcecd37a5c2b07fae413a665fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

230334dcecd37a5c2b07fae413a665fc_JaffaCakes118
Size

176KB
MD5

230334dcecd37a5c2b07fae413a665fc
SHA1

ce55b1b7945890c7d5825d45c79e985369fe8e8e
SHA256

4333791d063396fc9105c63321ae23d39f6183db7ffcdb832c865dacc0284d46
SHA512

d99c2caea198c653117e5aea049cd11b27379b27cb0e1206a45857c2cbb12a183ed507b341c2cc59cd06450c45816e30f16f312f6c2987b4f699e5f80deba29e
SSDEEP

3072:AajZP5U3xaoSHBEmx0NwN6C5LlcceoNU1XBTgNpNQXd6Qi2i7N3ZeD:AatP5sDmx0yxlccjsXCiRi37N4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
230334dcecd37a5c2b07fae413a665fc_JaffaCakes118

Files

230334dcecd37a5c2b07fae413a665fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56b5ed7356bf86b79aa5a7260d241462

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_onexit

advapi32

RegOpenKeyExA

gdi32

CreateCompatibleDC

user32

CreateWindowExW

comctl32

ord413

shell32

ord752

ntdll

NtQuerySystemInformation

netapi32

NetApiBufferFree

ole32

CoUninitialize

oleaut32

VariantInit

rpcrt4

RpcBindingFromStringBindingW

duser

UtilDrawBlendRect

msimg32

GradientFill

oleacc

LresultFromObject

Sections

.text
Size: 168KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE