Sample: 45f3e50b28abe395fbb688449cd6caa2_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 45f3e50b28abe395fbb688449cd6caa2_JaffaCakes118
Size: 98KB
MD5: 45f3e50b28abe395fbb688449cd6caa2
SHA1: 0fdf555ae876dce51aaf08b506733eca58d6c14f
SHA256: 3b2aba32291cbadabc5e23fc4374277f5d54898011663e2e7eea2c934059c313
SHA512: efae3eb10d2b3cc7318b058610ec0c82d85c0ebd6aabb915407ae253925b326900896bb6f2da40be46f143bb52fcdb909d452af59e1c68a9cb7e7d714bd8de0a
SSDEEP: 1536:0Dldk2oNGcN6t8ORtCAk45b1ZZmeTH+knvfB2VqHVk1HeIxfxu1RAp700:0DldZoNeZRGQ1ZZhLvfBUqiffxu1R/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45f3e50b28abe395fbb688449cd6caa2_JaffaCakes118
Files
45f3e50b28abe395fbb688449cd6caa2_JaffaCakes118.exe windows:4 windows x86 arch:x86
1d360ec6bfe7835df3412d6aa60bca59
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsAlloc
HeapFree
SetLastError
IsBadWritePtr
VirtualAlloc
VirtualFree
GetSystemTimeAsFileTime
HeapReAlloc
HeapCreate
EnumSystemLanguageGroupsW
HeapAlloc
GetWriteWatch
VirtualQuery
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
TlsFree
user32
SetWindowTextA
GetWindow
CreateWindowExA
LoadStringA
DestroyIcon
GetDlgItem
LoadImageA
GetParent
oleacc
CreateStdAccessibleObject
AccessibleChildren
ole32
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
msimg32
AlphaBlend
TransparentBlt
winmm
mciSendCommandA
sndPlaySoundA
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ