45431e3222c57e329bb09d4e59139dc1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45431e3222c57e329bb09d4e59139dc1_JaffaCakes118
Size

22KB
MD5

45431e3222c57e329bb09d4e59139dc1
SHA1

d1a542286139fde34926ffddcf1df1b8b712fc52
SHA256

7cdb8ca10db36756b34b658343b673b42711e46fa51d516fe0e538284001736f
SHA512

4ed590b86539fb86c3fff3593ca63fad3c9620e793607efcbd55a7d167fbd0aae9367427d28eaa09f056b92ba815f2dcbca6729e4364af266ea3b98d94c09ca5
SSDEEP

384:09ZxBASZ8b9Gtpz74MPGHl5e0y6THa3zQclXyV+YqX6zD0CTGH7vvxlLgbCU:CAe8b8pzgHl5fy6THa3HiV/zD0CT07Dc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45431e3222c57e329bb09d4e59139dc1_JaffaCakes118

Files

45431e3222c57e329bb09d4e59139dc1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0ab992d8e9915fb912c1f1af52d9e7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

RegisterClassExW

shell32

SHGetFolderPathW

Sections

.MPRESS1
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE