Static task: static1
Behavioral task: behavioral1
Sample: 45b05f17a83b89d0020ff5e74a5ec37a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 45b05f17a83b89d0020ff5e74a5ec37a_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 45b05f17a83b89d0020ff5e74a5ec37a_JaffaCakes118
Size: 1.0MB
MD5: 45b05f17a83b89d0020ff5e74a5ec37a
SHA1: 87ae470fe5f0544590c81c058e29ae5582c48f6a
SHA256: f300548404740f1c46e1151b1eec0ea2c6f429f3fb6dae0f8570218ee4015432
SHA512: bed21ff09452928a9eca9773d7582320c84381d31186c7beccb3f6be68784af6694eea23fbf1ea166cb39e03fbeda8aaac120a3dcd9e3079f8f7c07217864f54
SSDEEP: 24576:Um9cUIsFgUktDBTvx3/+kyjTGWvr2wCaCkeV3pkdl6xR4+euX0r18C8ylTPZPPzE:l9HICzk/jx3G/TGWvr2wCaCkeV3pkdl8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 45b05f17a83b89d0020ff5e74a5ec37a_JaffaCakes118
Files
45b05f17a83b89d0020ff5e74a5ec37a_JaffaCakes118.exe windows:4 windows x86 arch:x86
966995abc3ac96390f1018d08ef2153b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetStartupInfoA
GetLastError
lstrcpyA
Sleep
GetVersionExA
GetTickCount
GlobalAlloc
GetModuleHandleA
lstrcatA
GetCommandLineA
gdi32
ExtTextOutA
SelectObject
CreateSolidBrush
GetDeviceCaps
PatBlt
GetTextMetricsA
LineTo
CreateFontIndirectA
GetStockObject
GetObjectA
BitBlt
MoveToEx
SetROP2
GetTextExtentPoint32A
CreateCompatibleDC
GetBkColor
DeleteObject
SetBkMode
GetTextColor
GetPixel
SetPixel
Sections
.text Size: 512B - Virtual size: 478B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1021B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ