45a8270973d24a61b8f4fed3061e290f_JaffaCakes118 | Triage

Sharing

General

Target

45a8270973d24a61b8f4fed3061e290f_JaffaCakes118
Size

154KB
MD5

45a8270973d24a61b8f4fed3061e290f
SHA1

3eba9944eeda02201c810ef24ea3b36971f8dc1e
SHA256

d2c74ad9996bf80dbfae5ed7b2b06b8366d5859c1ddba14e4d81dac220bb89a5
SHA512

172f673e4f7b70a57f112e159315970f1424f455f58dea0336f8ef0d36c51418fa29ac4b27f2009e214faa29c359607c3b0dfe6b60aa82ac0f21200c4f8c9557
SSDEEP

3072:1FEQqlOxrjEQf8+iA4kycwvmHVlEWyMFZ0fPkVY6QcFVgPWomzC/ZKvWf:yOtjINRnNMFZ0fiYKF+lmzxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a8270973d24a61b8f4fed3061e290f_JaffaCakes118

Files

45a8270973d24a61b8f4fed3061e290f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5659fd2bf447101193f47cfeb6ab12c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
lstrcpyA
lstrcpyA
InitializeCriticalSection
GetProcessAffinityMask
lstrcmpiW
WideCharToMultiByte
lstrcpyW
EnumResourceNamesW
GetLastError
MultiByteToWideChar
GetACP
LockResource
GetTickCount
FindClose
OutputDebugStringW
GetCPInfo
FreeEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW

user32

CharUpperW
KillTimer
GetDC
DispatchMessageW
PostThreadMessageW
GetMessageW
CharNextW
wsprintfW
SendMessageA
SetTimer
TranslateMessage
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ