45a6ba8c961f45fa8215b7ec80ae0278_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45a6ba8c961f45fa8215b7ec80ae0278_JaffaCakes118
Size

159KB
MD5

45a6ba8c961f45fa8215b7ec80ae0278
SHA1

b4871ff2dff7fd3d5bc2b79dea966adf10b37c58
SHA256

aa08b4eb6e3cdeec62d75dae52f4acbe58be5eb587bc12f73da8fbe6d5eabcdb
SHA512

369fc301bdebe9a2347b0cc036f6a57d8c1caef16374fcf243aa0d9b3f5259a1605c90748fb5107ae17d2881ad6acb63a97b6bb46dad5bb922f9d906d97fcd8b
SSDEEP

3072:LH1Xj25bWBIYLbgf/CdT2AFxyy++Kgfdl+ZsLDFGKbr/MIylx91wph8:l2aIY4fYT2AFxyy++KgTvgKn/qj8ph

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a6ba8c961f45fa8215b7ec80ae0278_JaffaCakes118

Files

45a6ba8c961f45fa8215b7ec80ae0278_JaffaCakes118
.exe windows:4 windows x86 arch:x86

faee274b394885494d25ea05c209de43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
EnterCriticalSection
LoadResource
GlobalLock
ExitThread
LocalSize
GlobalAddAtomA
GetOEMCP
VirtualAlloc
lstrcat
GlobalFree
GetProfileStringA
CloseHandle
SetConsolePalette
GlobalFindAtomA
DeleteAtom
GetStdHandle
GlobalUnlock
LoadLibraryExA
SetCommBreak
RaiseException

user32

GetDC
GetClassInfoExA
GetFocus
GetClassNameA
ValidateRect
IsIconic
BeginPaint
GetWindowTextA
GetWindow
AlignRects
ShowWindow
ReleaseDC
DrawEdge
GetActiveWindow
GetWindowTextLengthA
EndPaint
GetForegroundWindow
CloseWindow
GetParent

wsock32

WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError
WSAStartup
WSACleanup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ