45a8ef85284e62cd276e8ba41d56d62c_JaffaCakes118 | Triage

Sharing

General

Target

45a8ef85284e62cd276e8ba41d56d62c_JaffaCakes118
Size

809KB
MD5

45a8ef85284e62cd276e8ba41d56d62c
SHA1

a4d86b6f530ddcbd1eb1246a040e54edfc1086b4
SHA256

98a569e782458bf9bee717a138ca0f125deac5e64262f99e11fdd828b57ee0b8
SHA512

64bd8b9335ce66a15c1ff83f6e3b95c6d1987aa18f7acab46a65a84b7abd3e57657b6967f5a9d9f5a5d943cfb9cc97fb52cb0a5cfb8f7959709228ad3dca4891
SSDEEP

12288:VXSfv8+D/E0y3Y0h4W2h/eoz+Golg1EMCGdfK+f+MWBvqHSzvfSgnFas5N4UUtm:MLD/HyBU/enzcfK+fI7egngUUtm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a8ef85284e62cd276e8ba41d56d62c_JaffaCakes118

Files

45a8ef85284e62cd276e8ba41d56d62c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ca8d5fca836efa8536566f0eee05c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
CreateThread
VirtualAlloc
VirtualFree
ExitThread
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
GetFileTime
CompareFileTime
GetModuleFileNameA
GetCommandLineA

Sections

BitArts
Size: 62KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 666KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE