454a4f16b3269872e6fb51f95aec11fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

454a4f16b3269872e6fb51f95aec11fe_JaffaCakes118
Size

413KB
MD5

454a4f16b3269872e6fb51f95aec11fe
SHA1

aad0368679c2158f4d5dae68f0bf09ebe9871595
SHA256

a6ea46407061052f37e121028ef93f4a847213121088990f16522a6463be8092
SHA512

5ab3a5db010744cfe9f9349b2e5493c0b8409d28bf8f9ec8e63c15ed7e29e9221e058a217852e95865e2e5d78ee35f6efd6450d6ce3e3ad54fd48604aec02e6d
SSDEEP

6144:EjlYWXQ7r0pjst48BVA0gP+VdQnQCgIwe/xSqF5loDOvOYbHgG8vpCWS9cXASj8k:sQAjCvM0hdCQEptoqvO6AG8Md9cQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
454a4f16b3269872e6fb51f95aec11fe_JaffaCakes118

Files

454a4f16b3269872e6fb51f95aec11fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb25598b2ec6a4015c146e0f0982d2f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameA
ExitProcess
CloseHandle
EnterCriticalSection
GetStdHandle
FormatMessageA
VirtualAlloc
GetCommState
CreateHardLinkA
GetProfileStringA
GetUserDefaultLangID
ClearCommBreak
GlobalFlags
FindAtomA
GetProcessHeap
GetOEMCP
GlobalLock
CreateJobSet
GetModuleHandleA
GetTapeStatus
GlobalFree

user32

RegisterClassA
ShowWindow
GetWindow
GetDC
GetActiveWindow
CloseWindow
GetParent
GetClassInfoExA
GetForegroundWindow
BeginPaint
EndPaint
GetWindowTextA
ReleaseDC
ValidateRect
DrawEdge
IsIconic
GetWindowTextLengthA
GetFocus
GetClassNameA

gdi32

ExtCreatePen
CreateDCA
CreateDIBitmap
GetColorSpace
GetCharWidthA

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ