45e2b8da4e2582eb578264ab94dfddbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45e2b8da4e2582eb578264ab94dfddbd_JaffaCakes118
Size

184KB
MD5

45e2b8da4e2582eb578264ab94dfddbd
SHA1

441af1a1a0f5fb4527269fa3e7d8acebe744c79b
SHA256

79da21d5121069d2f45fcb378804dd4b27eb3bbdb0c8f8220225824540e21434
SHA512

f8d7423b3aa202fc55d2c66bed43f38724371723a6feeaef971079022365cfda8898e4b2d74e017f7da3b5493afffd3f06133ff6b05a57aaeb59735b2291eff6
SSDEEP

3072:NHe4XNXBZe2rebugzvoG8soccN8hfllnA5iMue13J4heE+xW15GsMZRV001fzTcq:NHv7AOaoMllmQ1Y3J4wEkIRUbfXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e2b8da4e2582eb578264ab94dfddbd_JaffaCakes118

Files

45e2b8da4e2582eb578264ab94dfddbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1f5e858a4dc2ed39bdc611395b06f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
SearchPathA
GetProfileStringA
PeekConsoleInputA
WaitForMultipleObjectsEx
GlobalDeleteAtom
GetVersion
CreateFileMappingW
DeviceIoControl
GetLongPathNameA
GetSystemWindowsDirectoryA
GetCommTimeouts
GetStringTypeExA
AddAtomA
GetFileAttributesA
InterlockedExchange
SetFileAttributesA
UnregisterWait
_lwrite
VirtualAlloc
GetLogicalDrives
GetDriveTypeA
GetComputerNameExA
IsProcessorFeaturePresent
SetFilePointer
SetupComm
GetCompressedFileSizeA
MapViewOfFileEx

wininet

InternetOpenW
InternetConnectA
HttpQueryInfoA
InternetSetOptionW
InternetReadFile
HttpSendRequestA
HttpOpenRequestA

Sections

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ