f45035bf01453771f12d3ec6cfdc57a8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f45035bf01453771f12d3ec6cfdc57a8_JaffaCakes118
Size

61KB
MD5

f45035bf01453771f12d3ec6cfdc57a8
SHA1

2fe882dd341f0b37657104dcdcc0f15e2851c929
SHA256

ce06b0a106eb4cf74cb06c1357ee5dc1be4213caa8d6fc422d62cfcfc2dac9c0
SHA512

dae6975e6a1cb5bc8838840e2307742b4e1a878818303617cafef83ded9d83c90ee1aa26351c05304570494069505b3aa6420a9f05345f54946e0be88811b993
SSDEEP

1536:Vp7fk0wgtfUUZdKqKVdqM3sVdaAzE+YVEX5YnjAimcvpi:VZ3OUZdPKP13sXzf5Ynd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f45035bf01453771f12d3ec6cfdc57a8_JaffaCakes118

Files

f45035bf01453771f12d3ec6cfdc57a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d8ed5db64da3429f574e2897d410159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
GetLastError
GetVolumeInformationW
FoldStringA
_lopen
GetNamedPipeHandleStateW
OpenConsoleW
IsValidLanguageGroup
SetConsoleDisplayMode
SetMailslotInfo

user32

UnionRect
CreateIconIndirect
DdeQueryConvInfo
SendDlgItemMessageA
InSendMessage
DialogBoxParamW
LoadStringA
SetWinEventHook
SetDlgItemTextA
SetScrollPos
GetWindowRgn
MBToWCSEx

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
Control_RunDLLW

gdi32

SelectPalette
GetDCBrushColor
GetOutlineTextMetricsW
GetViewportOrgEx
CopyMetaFileA
AddFontResourceTracking
DeleteEnhMetaFile
PatBlt
EngLoadModule
GetHFONT

Sections

.code
Size: 9KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ