445b5baffa132e861fb41e36fbd66d56_JaffaCakes118 | Triage

Sharing

General

Target

445b5baffa132e861fb41e36fbd66d56_JaffaCakes118
Size

172KB
MD5

445b5baffa132e861fb41e36fbd66d56
SHA1

28fc156be04c67bf5a482ba7a52553e92898de5f
SHA256

7b23c42f275aa3322b77517e1f2f67fe2191d6221d02c8074f9eea5eaf314b0f
SHA512

00233c7a3a5be3f7dc993789a9b9c3d61fa00f2b49fa5e5a4ae3e13a7cb5bb09e2fef1aad17be604d50b7f2d0b4db87f61233feaff9561509cff2ba3128905a9
SSDEEP

3072:Gd0rX9H0ahnthQbyRofaSoeqtuNrPnWK6eQbmzm+OQo8HPWe:Gd+9RnthQmZS/Ku1PWK6ehzdOtkF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445b5baffa132e861fb41e36fbd66d56_JaffaCakes118

Files

445b5baffa132e861fb41e36fbd66d56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd81398dc4991f2840c355c1d92baa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

!_a]7B[!
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

k)J]`lg
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

]*6REovv
Size: - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

R;e<<>x^
Size: - Virtual size: 632B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

k`v$3pTQ
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

) V3+j=/
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RA&6/WVG
Size: 4KB - Virtual size: 629B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ