45d7b9d8b8c14e398cd9f54906bac5dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45d7b9d8b8c14e398cd9f54906bac5dd_JaffaCakes118
Size

709KB
MD5

45d7b9d8b8c14e398cd9f54906bac5dd
SHA1

463e714e4ff361af41f07a51bf61bfbd1cb6a29d
SHA256

b3d6c81a077c42ed8bf5e2a0f9c56807ba83e1049a694338e9bca8f9062b4b17
SHA512

552f946cae561ebb96bce17bdf2dcec321aa483e14a8f3a88a2e31b5a9a3b7681417b8e917e276fee5d11af0b34bc7c68972e8f6dce457474773219c32b88ba9
SSDEEP

12288:7obPJGOumFSiocCc7eBBI3CwqW0Vb17jqql/dvPbGFvuS5TQA9rBiLK4:EP4OuISD1BBI3MTDpd6FvcW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d7b9d8b8c14e398cd9f54906bac5dd_JaffaCakes118

Files

45d7b9d8b8c14e398cd9f54906bac5dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

758d2a245ddf20382eed5b0e3badc3d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW
UrlIsOpaqueW

kernel32

GlobalSize
GetCurrencyFormatA
VirtualProtect
FreeResource
GetSystemDefaultLCID
WriteConsoleInputVDMA
SetDefaultCommConfigA
GetFullPathNameA
SetVolumeMountPointW

user32

GetCapture
ScrollWindow
DrawCaption

Sections

.text
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 632KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ