45764fbf29dc6e6832013ea99525f1c9_JaffaCakes118 | Triage

Sharing

General

Target

45764fbf29dc6e6832013ea99525f1c9_JaffaCakes118
Size

736KB
MD5

45764fbf29dc6e6832013ea99525f1c9
SHA1

e64e88e736a7d6d760109f355bbeb0b0d9732816
SHA256

d0b7d8fbd357bdae9ac59bd374c1d007158f1fa6985731cb92a37df83f935b85
SHA512

2eab3af6699360b48ec195afc228790c90afb6e542eacb0e09436c5f937f9a6b209f0b976d652e8e069fa2926d41d317695a43980a3b9c7767476b45f9f16f58
SSDEEP

12288:/UuB26ELqY/CxCPTtrzoTA8nHUvDaWuRh7q5WgYcyzu2oh/ySnkIQZsSKKffr://8tqY/CxCrdGtHRh7ef2oh6rIgspED

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45764fbf29dc6e6832013ea99525f1c9_JaffaCakes118

Files

45764fbf29dc6e6832013ea99525f1c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b24c6ebcec14f523cce31fc8266f9d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
LCMapStringA
ExitProcess
HeapAlloc
HeapFree

user32

SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA

advapi32

RegCreateKeyA
RegSetValueA
RegEnumKeyA
RegCloseKey

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoRegisterClassObject

Sections

.text
Size: 105KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 534KB - Virtual size: 821KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 67KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE