45160c4125214695296375ab53df550a_JaffaCakes118

General

Target

45160c4125214695296375ab53df550a_JaffaCakes118
Size

21KB
MD5

45160c4125214695296375ab53df550a
SHA1

4b8b6451421fcd10ef4d83e78a70b8d1182bf8c2
SHA256

4649274144ec4551769988c81a3f6e7d2dbdc788c889bd0ad7d291166764e091
SHA512

0c5bef27d47b383d2f56ac6aef1fad5ae697c1c44b71ae679df90b3cef47d26112ab80dae160532392522a07dac59a4d87eedcc98ca022416b437eafdbb58bf1
SSDEEP

384:i04+HyFWlxWlWJg/7xdcZxKMLUWPpyzR8l2Sq7nHvFhI:XycQWJo7uUcgtS6dh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45160c4125214695296375ab53df550a_JaffaCakes118

Files

45160c4125214695296375ab53df550a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4725dc13c38559086f7c0c193b45dafb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamRemoveMultipleMembersFromAlias

crypt32

CryptEnumOIDInfo

user32

CallMsgFilterA

gdi32

GetTextMetricsW
GetTextExtentPointA
DeleteObject
GetTextExtentPointW
GetTextMetricsA
SelectObject

ntdll

RtlUnwind

kernel32

GetDateFormatA
lstrlenA
CompareFileTime
QueryPerformanceCounter
HeapReAlloc
EnterCriticalSection
GetCurrentProcess
InterlockedCompareExchange
DeleteCriticalSection
VirtualAlloc
lstrcmpiA
UnhandledExceptionFilter
TerminateProcess
HeapFree
Sleep
SetProcessWorkingSetSize
GetSystemTimeAsFileTime
LeaveCriticalSection
HeapAlloc
InitializeCriticalSection
GetProcAddress
GetCurrentProcessId
WinExec
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetCurrentThreadId
lstrlenW
GetCommandLineA

Sections

.text
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4725dc13c38559086f7c0c193b45dafb

Headers

DLL Characteristics

File Characteristics

Imports

samlib

crypt32

user32

gdi32

ntdll

kernel32

Sections

.text Size: 1024B - Virtual size: 976B

.rdata Size: 512B - Virtual size: 212B

.data Size: 512B - Virtual size: 40KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 96KB

.text
Size: 1024B - Virtual size: 976B

.rdata
Size: 512B - Virtual size: 212B

.data
Size: 512B - Virtual size: 40KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 96KB