145a544bd6f6457674854bf03aeddd3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

145a544bd6f6457674854bf03aeddd3e_JaffaCakes118
Size

147KB
MD5

145a544bd6f6457674854bf03aeddd3e
SHA1

72c907d64b5bf787cf80aabca6d8d840a886d920
SHA256

8249dc880261e33900ee2235876a7109f92241255d78a38d18b97908314c2f3f
SHA512

0efac73c33b2116eaec8956678f6fc192442de1468e2f5ff723bde3926c24e92f3dabbd631c48306267f9c3841f158ea4083ad1484e431f74bd33fa6f505e174
SSDEEP

3072:4hITq5HAHj8DeN2jn31oe66rd0tpucTv230U6QOLT6O:4hIWFAH5Ejlo6/EMOLTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
145a544bd6f6457674854bf03aeddd3e_JaffaCakes118

Files

145a544bd6f6457674854bf03aeddd3e_JaffaCakes118
.exe windows:8 windows x86 arch:x86

1f1664ff930013375944b0449c826c85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
LocalAlloc
MultiByteToWideChar
GetCommandLineW
GetCurrentProcessId
VirtualFree
GetCurrentProcess
GetModuleHandleW
GetTickCount
GetModuleHandleA
GetACP
WaitForSingleObject
GetProcessHeap
GetTickCount
FormatMessageW
SetEvent
GetCommandLineA
GetModuleFileNameA
GetProcessHeap
GetProcessHeap
GetCurrentProcessId
GetACP
SetUnhandledExceptionFilter
GetModuleHandleW
GetCurrentProcessId
GetCommandLineA
SetEvent
SetEvent
GetCurrentProcessId
LocalFree

ntdll

NtAllocateVirtualMemory

user32

DefWindowProcW
GetWindowRect
SetTimer
GetWindowRect
GetDlgItem
ReleaseDC
GetSystemMetrics
CreateWindowExW
SetTimer
DefWindowProcW
ShowWindow
GetSystemMetrics
GetDC
LoadIconW
ReleaseDC
GetDC
GetMessageW
PostMessageW
SendMessageW
GetDlgItem
GetDC

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ