45274dcf591d5a07dc23a3dfde309be0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45274dcf591d5a07dc23a3dfde309be0_JaffaCakes118
Size

132KB
MD5

45274dcf591d5a07dc23a3dfde309be0
SHA1

6010f8d5163bc8fea83b32e10450e17e600569d5
SHA256

e9305396d50a2b5fcea863f71248eee35321ca619c308ee592b59c03b3e42129
SHA512

5e2a3f39fbddbeacff0f0aa1b1d86eac20b2d39e6ac99645428d2da32cc8176830630e7e071a3df80806053c03549eb030ea4ccb01e0096a281fe67129beb157
SSDEEP

1536:Uzrx9gjDbGvJ/XPQ4gQk5pkkwi+emx46kNnruHrSOLfVfLsvPLBahzCFuXp1LcWy:+4jnGv5NgPGUHb1YSMNs3LBah8OLcCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45274dcf591d5a07dc23a3dfde309be0_JaffaCakes118

Files

45274dcf591d5a07dc23a3dfde309be0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd264161f7024c2f2833d18ae4cfcaab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextVolumeA
ConsoleMenuControl
VDMConsoleOperation
GetNumberOfConsoleFonts
FindNextChangeNotification
LocalFileTimeToFileTime
RegisterWaitForSingleObject
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ