45753ac5737cf753799cd8d46b492e7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45753ac5737cf753799cd8d46b492e7f_JaffaCakes118
Size

4.0MB
MD5

45753ac5737cf753799cd8d46b492e7f
SHA1

d2e78fd620298b69cbf50494215ff3bf81a8e541
SHA256

6ed3c35c18420daf6fc3e77228bc0d9d119d1398d44f4b4fc95a9a05dd06f31c
SHA512

8a167a13c1c7b2c028bbc06baa9503dea0d8ff00754e8ebc7d370b5d4b5fbad1131ec1e435f13e51f6883c85ef2ad3e1fed2120404632d3045906b8ea331c5ec
SSDEEP

98304:hc/rOKhaFwNmCtfIbz5NY0BKMdsKRN9DSVnqu/rEM2839Hmg:crOGaONR9I80hdsK9Zu/YMjmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45753ac5737cf753799cd8d46b492e7f_JaffaCakes118

Files

45753ac5737cf753799cd8d46b492e7f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e83c1221be9cf18335e72940eed7f009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileApisToANSI
GetVolumePathNamesForVolumeNameA
SetFirmwareEnvironmentVariableA
GetConsoleSelectionInfo
UnlockFile
GetCommTimeouts
VirtualAlloc
GlobalLock
GetConsoleInputExeNameA
ExitProcess
WriteConsoleInputA
FindVolumeClose
VirtualProtect
CreateNamedPipeA
ExitThread
FindNextVolumeMountPointA

user32

CharToOemA
MapVirtualKeyExA
PostThreadMessageW
GetWindowTextA
GetClassNameA
ShowWindow
BroadcastSystemMessageExW
RegisterRawInputDevices
GetDlgCtrlID
ModifyMenuA
LoadAcceleratorsA
CreateAcceleratorTableA
PostThreadMessageA
CopyIcon

Sections

.text
Size: 825KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 771KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ