945751af4eee86339fcba7104b775a42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

945751af4eee86339fcba7104b775a42_JaffaCakes118
Size

368KB
MD5

945751af4eee86339fcba7104b775a42
SHA1

5fbe68d9540339bb7388c8a01cab8118dcc4d4b3
SHA256

8973f917c7b0d6ce3a2ad14722a0fdb437e5179b4c501a601036290278b3d24f
SHA512

bcb35dd5e1f4b6c83a08574887ee750587a88f86b90490d00458db8361158dee27fd8926ce5a282eee18a10f019ec2a8a08ec5502e03c6b69241aaa1a0a51d04
SSDEEP

6144:tr6veTSNRbIA4PqaQ1v26+1bZjMmRxhH5/TGKxthZq:trQPNF1v2xTR9GKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
945751af4eee86339fcba7104b775a42_JaffaCakes118

Files

945751af4eee86339fcba7104b775a42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31422f34e6e28ab64d81f7f54d223cd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetFullPathNameA
MultiByteToWideChar
PostQueuedCompletionStatus
GetProfileSectionA
SetStdHandle
SetFileShortNameA
GetExitCodeProcess
VirtualAlloc
ExitThread

hid

HidP_GetScaledUsageValue

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_INIT
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_INIT
Size: 4KB - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ