d45bb22fafc4f17001fdbf882e14737a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d45bb22fafc4f17001fdbf882e14737a_JaffaCakes118
Size

12KB
MD5

d45bb22fafc4f17001fdbf882e14737a
SHA1

3dff5cf440fbf66ec8fcb7f516ace535193880e4
SHA256

7d53a47693abe8230760b9876e931c70402da5078c02cc01a911f1901a6b44fb
SHA512

e28ff0ef12eb2b70d37f66c1f5af3a3e2433c6af1fd90b4ddc83d991241256a4af82f6027b38437f102b66d7661f49e9aca8e775a8b23779ebd2d445c4490395
SSDEEP

384:jWPEMvzyUln9D4/w1/oSBT/FnVbcsZX9XMj:jWZD4/K9TJFn98j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d45bb22fafc4f17001fdbf882e14737a_JaffaCakes118

Files

d45bb22fafc4f17001fdbf882e14737a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a5d57be788813c1338fc77fc9fba45b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetLastError
CreateMutexA
CloseHandle
GetTickCount
GetLongPathNameA
GetTempPathA
TerminateProcess
WaitForSingleObject
FreeLibrary
GetVersionExA
LocalAlloc
DeleteFileA
LocalFree
GetStartupInfoA

user32

KillTimer
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
DefWindowProcA
PostQuitMessage
LoadCursorA
RegisterClassExA
CreateWindowExA
SetTimer
LoadAcceleratorsA
GetMessageA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA

shell32

Shell_NotifyIconA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_snprintf
strtok
fclose
fread
fseek
fopen
sprintf
fwrite
strncmp
_exit

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ