245ef44e523bd223fc23b1db132414d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

245ef44e523bd223fc23b1db132414d5_JaffaCakes118
Size

109KB
MD5

245ef44e523bd223fc23b1db132414d5
SHA1

c5cba3acab3c56c816c5c3887a1d26a9eb199b25
SHA256

153799ec33f25f0718d943dfa3445656809f190d29fb5017fd5a0b7dd2aae764
SHA512

01edf78040188b48156c662f1ecb474f1199abacf06f9fcf58429c348838878a6782cd978ae40f502a6f25933ba3f732da4bef3c06a5dd64540590c68c9d6ff4
SSDEEP

3072:NlSh5SVSZ6p8Q65bYruIwMzi+I63/IXjIj/eg+A:Nl9/6pYrudMzi+I6GY/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
245ef44e523bd223fc23b1db132414d5_JaffaCakes118

Files

245ef44e523bd223fc23b1db132414d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c9f31f9892441be99937ce146a66223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetConsoleAliasA
CloseHandle
GetLastError
CreateFileMappingA
LocalLock
WaitForSingleObjectEx
FindAtomA
LoadLibraryExA
GetCalendarInfoA
CreateFileA
GlobalUnlock
LocalFree
TlsGetValue
Sleep
GetModuleHandleA
FreeEnvironmentStringsA
GetACP
FindClose
HeapCreate

user32

CallWindowProcA
GetIconInfo
GetDlgItem
CreateDialogParamA
SetFocus
GetDC
DispatchMessageA
IsWindow
GetMessageA
CascadeWindows
DefWindowProcA
DrawEdge
DrawTextA
MessageBoxA

msasn1

ASN1BERDecNull
ASN1BERDecEoid
ASN1BERDecCheck
ASN1BERDecSkip
ASN1BEREncLength

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ