45742cd22c19dbdf5ee1820d425c8441_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45742cd22c19dbdf5ee1820d425c8441_JaffaCakes118
Size

255KB
MD5

45742cd22c19dbdf5ee1820d425c8441
SHA1

274315b1ef0c9bf22952804589d09068178a195e
SHA256

c8497b52bf50de56f70b4a03e6b96560b89476bb91bc60e8e86bac1a6c126417
SHA512

1137daf2c6243f9d73acb6038f84078a10c09546f8092e47540cc97424dbe5b84f8cc0b0f3b3eef6d843acba833ffe15153382604e662991e52858c6cb87f608
SSDEEP

6144:G7InF62xnx6qDNoHUVMfR0O+7tU03+7JoS0ficML7OQ:G709x6qDm0V8RU2Jo/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45742cd22c19dbdf5ee1820d425c8441_JaffaCakes118

Files

45742cd22c19dbdf5ee1820d425c8441_JaffaCakes118
.exe windows:4 windows x86 arch:x86

050c1aab7a91f3c016346417ff329799

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ole32

StringFromCLSID

user32

CharNextA

shell32

SHGetSpecialFolderPathA

oleaut32

SysFreeString

advapi32

CredEnumerateA

pstorec

PStoreCreateInstance

rasapi32

RasGetEntryDialParamsA

crypt32

CryptUnprotectData

Sections

CODE
Size: 247KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE