45175bf50f1e72d87488bda137d8a630_JaffaCakes118

General

Target

45175bf50f1e72d87488bda137d8a630_JaffaCakes118
Size

225KB
MD5

45175bf50f1e72d87488bda137d8a630
SHA1

ba0f0a7f256853ef055a9abe63fd5c84e96d1946
SHA256

88cfa3b8f8f1d548ff1ef0c285bcda5222a00c97d8365f4663952e9d8413a29f
SHA512

4b19e05dfc1013ca08ac7af8014468eca0f135d7a0e5348ab3711f1a958c457e916548cdf78f683c7e0debf3fa9d36e7cda156b7bb273c322fdedb8e3d811a06
SSDEEP

3072:eE1qCMp0oVC+VboCvA7KgTvl3DQSp2SdSIK1KdNe0IG4CL5FXqGjZmFLxheCJOPv:Bipd7VkXTvBQrSQIUSf4C9xZUUR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45175bf50f1e72d87488bda137d8a630_JaffaCakes118

Files

45175bf50f1e72d87488bda137d8a630_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d1581872e2f96259000769d88ee8ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CallNamedPipeA
CompareFileTime
CopyFileA
CreateNamedPipeW
CreateProcessA
ExitProcess
GetCommandLineA
GetLogicalDrives
GetLongPathNameA
GetModuleFileNameW
GetOverlappedResult
GlobalAddAtomW
GlobalFindAtomA
HeapDestroy
HeapUnlock
IsBadHugeWritePtr
LCMapStringA
LocalHandle
LockFile
LockFileEx
Module32Next
OpenSemaphoreW
SetCommState
SetProcessShutdownParameters
SetVolumeLabelA
SetWaitableTimer
TerminateProcess
WaitForDebugEvent
WriteProfileSectionA

user32

ArrangeIconicWindows
DdeCreateStringHandleA
DefWindowProcA
DrawCaptionTempW
EndDeferWindowPos
EnumDesktopsW
EnumWindows
GetClassNameA
GetCursor
GetDlgCtrlID
GetScrollPos
InSendMessage
InsertMenuA
InsertMenuW
IsCharAlphaNumericA
IsDlgButtonChecked
MapVirtualKeyExA
ModifyMenuA
RegisterClassExA
RegisterLogonProcess
RegisterWindowMessageA
ReleaseCapture
SendDlgItemMessageW
SetForegroundWindow
SetThreadDesktop
SetUserObjectInformationW
SetUserObjectSecurity
SystemParametersInfoA

gdi32

Chord
CloseFigure
CloseMetaFile
CreatePatternBrush
CreatePen
CreatePolygonRgn
DeviceCapabilitiesExA
GetCurrentObject
GetGraphicsMode
GetKerningPairs
GetSystemPaletteUse
GetTextCharacterExtra
GetTextExtentExPointW
PatBlt
PolyPolyline
SaveDC
ScaleWindowExtEx
SetICMProfileW
SetMetaFileBitsEx
SetPixelFormat

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d1581872e2f96259000769d88ee8ad5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 223KB - Virtual size: 240KB

.idata Size: - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 192KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 223KB - Virtual size: 240KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 192KB