45695a5d94987f269d3c7c4fea8cf3b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45695a5d94987f269d3c7c4fea8cf3b7_JaffaCakes118
Size

278KB
MD5

45695a5d94987f269d3c7c4fea8cf3b7
SHA1

f43570f21c6d3c852056f014b15bf4b617ac3308
SHA256

fffeb59f797a477ed60299a14a12f0345b9cf365693bdb1071f601cd38e80bc0
SHA512

f869d42e2b52d989acc4b68794d83d9564a07db423b366207419cfa6d71d549894ee745c7306b40c005892cbaeae11cef02e98f5fdac2b96ca8a818d50321e28
SSDEEP

6144:p7LI5ZUYPCMnU81wLS/fGrroQLvaP4VCmR2:WZUYPjr1SS/ursEvSaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45695a5d94987f269d3c7c4fea8cf3b7_JaffaCakes118

Files

45695a5d94987f269d3c7c4fea8cf3b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2491e109574d15621477997c345ee9c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
EnterCriticalSection
ExitThread
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetLocaleInfoA
GetProfileStringA
GetThreadPriority
GetTickCount
GetVersionExA
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalLock
LocalUnlock
ReleaseMutex
SetEvent
SetFilePointer
SetLastError
Sleep
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrcpynA
lstrlenA

user32

wsprintfA
AdjustWindowRectEx
CreateWindowExW
DefWindowProcW
DestroyIcon
FindWindowW
GetWindowRect
IsWindowEnabled
RegisterClassExW
SetActiveWindow
SetCursor
SetMenuItemInfoW
SetRectEmpty
TranslateAcceleratorW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ