2d20b9f79d8957b4a234177524b6990b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d20b9f79d8957b4a234177524b6990b_JaffaCakes118
Size

388KB
MD5

2d20b9f79d8957b4a234177524b6990b
SHA1

16b6a9c2e9a2e13e605b57e189423ad3ed40845f
SHA256

893ea8d5bb6db28e40f6dead910f19d469d28ea826417c448fa87fd8a9d74c3f
SHA512

829b05454b2f246fda0853b13c3c32a69d35e26e3b719b2a5a277c759ed87c37009ff34932b904cee28126697c22618cb47aa629493a4ac655bffd4eb3b5747a
SSDEEP

6144:Jq/+ep82m8Anc7amzdxyQEf5d+vheNaENwg6DutB4aeqq/SDrdmmklBnsz+uY:Jz6MAamJxof5EheN9wg6NaeqUS0pmzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d20b9f79d8957b4a234177524b6990b_JaffaCakes118

Files

2d20b9f79d8957b4a234177524b6990b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a843ea261c71021afc041178b8afdb51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdiplus

GdipGetPropertyItemSize

user32

GetMessageA

gdi32

CreateCompatibleBitmap

ole32

CoTaskMemRealloc

oleaut32

VarBstrFromDate

comctl32

_TrackMouseEvent

wintrust

WintrustGetRegPolicyFlags

crypt32

CryptMsgClose

rpcrt4

UuidCreate

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 342KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE