83b17c1645c358fcdee52b8200159047_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83b17c1645c358fcdee52b8200159047_JaffaCakes118
Size

6.1MB
MD5

83b17c1645c358fcdee52b8200159047
SHA1

8abef5c5fbcda00d3680a1232b7f61a953e143c8
SHA256

514a086d8b7d7fd09651effb28864eff92a59581c5a6fa9fa7b049f71cee412a
SHA512

b49eff8383cb3611cf87960936e5cd2ec8f62467aa3c93dd61b31baab506af0706c633618e01ef04af7c7f37bbe1b6ebb612421d8e4c00baa39d4d5f50195353
SSDEEP

98304:C9/8orIXYecnVrpUNqi87fl6jFZtuNXWiogiPwOTwLaoWNWnZWvpSLN9Mue:G8onnKqzfl6jFemi1PaoMtiNGue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83b17c1645c358fcdee52b8200159047_JaffaCakes118

Files

83b17c1645c358fcdee52b8200159047_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8aeada9764e82ec8cabfdf119bfde3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
LoadLibraryA
VirtualAlloc
VirtualFree
GetModuleFileNameA
ExitProcess

user32

OpenClipboard
MessageBoxA

shell32

SHGetSpecialFolderPathA

advapi32

RegOpenKeyA

shlwapi

PathIsDirectoryA

comdlg32

GetSaveFileNameA

imagehlp

MakeSureDirectoryPathExists

imm32

ImmInstallIMEA

gdi32

GetObjectA

ntdll

RtlAdjustPrivilege

msvcrt

srand

ole32

CoInitialize

oleaut32

LoadTypeLi

Sections

oO��
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oO��
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oO��
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ