345cad754e5a7aff758d38579ff68fca_JaffaCakes118 | Triage

Sharing

General

Target

345cad754e5a7aff758d38579ff68fca_JaffaCakes118
Size

156KB
MD5

345cad754e5a7aff758d38579ff68fca
SHA1

6267c070c7545215506aab58da4d9bff30ebc008
SHA256

47352ae3b5cca6dbac1531e5184d57383394ab1abcebe3814ad3a9e0f2756fbc
SHA512

2d70a78a2f593c45332b8e310e4f214652244ae1f7659f79725d15d08c534d73d3d6566e22320bdb71e06d963c03974061e460d5c849149b7b6c925062c95737
SSDEEP

3072:XJN63pVEGqc8hG9YD+6V+rlHAGvXsgppttKUK/RkgZG:i3A3wAlVqDpRt4RnZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
345cad754e5a7aff758d38579ff68fca_JaffaCakes118

Files

345cad754e5a7aff758d38579ff68fca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10f304edbefc0b87dd8cddcb9c59971c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetConsoleWindow
OpenJobObjectW
ReadConsoleA
GetSystemInfo
GetVersionExA
GetLastError
FindNextChangeNotification
VirtualAlloc
GlobalUnlock
GetProcessTimes
DuplicateHandle
FreeResource
SetLastConsoleEventActive

user32

LoadStringA
GetUserObjectInformationW
SetWindowPlacement
BlockInput
GetGUIThreadInfo
RegisterServicesProcess
GetWindowLongA
GetMenuItemID
GetWindowTextW
DefRawInputProc
GetClassInfoExA
IsServerSideWindow
ShowScrollBar
DeviceEventWorker
GetPropA
GetWindowWord

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ