45b637f174349ece5f3992a67953261d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45b637f174349ece5f3992a67953261d_JaffaCakes118
Size

132KB
MD5

45b637f174349ece5f3992a67953261d
SHA1

512bf0533b839039ac9d44dd86ff3d3df7028b55
SHA256

d6d9f4aa4691d44342f1a3161b0eb8f431a74fb4eb4427efc997802da5259ca0
SHA512

6acf1b4d03dd1de682893f348df3b3493a90ec5baf7951597b5040d13c98195d497fc107cadf6996a2dc4150e40173507f95dc45218de43237b0fd4f2d0f837f
SSDEEP

3072:RkmfhZw1nFt5TgQk5E3tyCY3iR1Pq+wfY3q8lV:GmfUndp9Ro+s8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b637f174349ece5f3992a67953261d_JaffaCakes118

Files

45b637f174349ece5f3992a67953261d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ca894a7152dab7886931b79b6cc3a5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
lstrcatA
lstrcmpA
GetThreadLocale
HeapDestroy

oleaut32

SysAllocStringLen
VariantCopyInd
SafeArrayPtrOfIndex
OleLoadPicture
SysReAllocStringLen
SafeArrayGetElement
VariantChangeType

user32

IsWindowVisible
GetMenu
GetTopWindow
GetWindowTextLengthA
KillTimer

gdi32

GetObjectA
CreatePalette
GetTextAlign
SetBkColor
GetBitmapBits

Exports

Exports

_dypXZJXWsf9
_c78e7@4
_6IqR0gA
_VTUPZFzj@20
_Wqb0J8ZnBxu
_32ImddOYKUNzv
_32Xvvk@16
uUV1dMmcZx4kNU
SMN_2XZZSOo6EP@4
_3id0KtB@12
WUE5nVZ92h
jvcnZd@16
_MmQo9pt
7R0Ffa
ED77oy_kQ6lRtX
eLep2fJW@4
16dle4fbJ@12
nVJbfJtk7q5lJ1

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ