Static task: static1
Behavioral task: behavioral1
Sample: 45dfd14bb12f56932280b027ec14a035_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 45dfd14bb12f56932280b027ec14a035_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 45dfd14bb12f56932280b027ec14a035_JaffaCakes118
Size: 137KB
MD5: 45dfd14bb12f56932280b027ec14a035
SHA1: d876719eb168fd296d7c544cbcc5fd1b0e309de3
SHA256: 568a3f8a3783d9c76ebcf90dddfbcdadae5834c2f18bb96bbc3cce9b4f38dff7
SHA512: 14654d47d7c5468f99da37100b31a0f7341f65b026123ceece1c689c4e10d592e29c15f8234633f53f2bbe87ca7147e71508a87ea2199eee38392b95e2175475
SSDEEP: 3072:soDVKYtrvLcVB4OAlz9xUue+So5qVq9Tbgac1D/:sohjsB4OIf9wUb/u/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45dfd14bb12f56932280b027ec14a035_JaffaCakes118
Files
45dfd14bb12f56932280b027ec14a035_JaffaCakes118.exe windows:8 windows x86 arch:x86
4327d1d8468baa368ab6f44531564ca7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
FormatMessageW
GetModuleHandleA
LocalAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
WaitForSingleObject
user32
GetWindowRect
DestroyWindow
PostMessageW
DefWindowProcW
PostMessageW
DestroyWindow
SetTimer
GetDlgItem
PostMessageW
GetDlgItem
GetSystemMetrics
ntdll
NtAllocateVirtualMemory
gdi32
DeleteDC
BitBlt
GetDeviceCaps
PatBlt
DeleteObject
CreateCompatibleBitmap
MoveToEx
Sections
.data Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ