45dd3c0369e2449282846254b15f5b55_JaffaCakes118 | Triage

Sharing

General

Target

45dd3c0369e2449282846254b15f5b55_JaffaCakes118
Size

143KB
MD5

45dd3c0369e2449282846254b15f5b55
SHA1

3b83f40e376c751b672fb69f91f54f3e814749d3
SHA256

2aaa9bbc26910bf1b93ab09adb245dc658969bb79888a7129a4d63db3fc238c9
SHA512

2d8ac04766a5fc0062fc6d4fabb605f2c07142f4ff6eeccdf1f1d11bd1031d5f43ee13c5e107aa53cef425c66518bad3a300ab08640430f5ad5e79fa0546cb91
SSDEEP

3072:e0DdLuBe3hGByIVvZvjyRVJUALk6gSR79:e0hLuAElVKvoSR7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45dd3c0369e2449282846254b15f5b55_JaffaCakes118

Files

45dd3c0369e2449282846254b15f5b55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

19ee2bd668badd934d0fb33fd38f6363

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\hevxVl\qcjHgc\qpBeuTnM\hzpuxdk.pdb

Imports

user32

wsprintfW
SetDlgItemTextW
GetClassLongA
LockWindowUpdate
RemovePropW
GetMenuDefaultItem
IsIconic
InsertMenuA
GetMessageExtraInfo
EnableScrollBar
DeleteMenu
HideCaret
InflateRect

shlwapi

StrCatBuffW

gdi32

EnumFontsW
GetRgnBox
CreatePolygonRgn
Rectangle
GetTextExtentPoint32A
CreatePenIndirect
CreateDIBitmap
GetTextMetricsW

kernel32

GetThreadContext
SearchPathA
GetSystemDefaultUILanguage
LocalSize
LocalAlloc
IsBadStringPtrW
FileTimeToLocalFileTime
HeapAlloc
lstrlenW
GetTimeFormatA
GetCurrentDirectoryW
VirtualFree
SetPriorityClass

Exports

Exports

?Wpbperrxnfzgcy@@YGKD@Z
?BhwbnzTjVs@@YGMD@Z
?VUhYldlxp@@YGGM@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ