545ab5a390a497e1502796e4d1875d75_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

545ab5a390a497e1502796e4d1875d75_JaffaCakes118
Size

1.2MB
MD5

545ab5a390a497e1502796e4d1875d75
SHA1

c5e8457c8977d93bfb397b0f7d9406fb95316ed9
SHA256

6924c6d2888f783b148e72efc787a5faac610fc513e8b27384d6bb6e2a869028
SHA512

9db878f2056a5705456820701e2250b744b3597d4f69b11944b220020cf192e6b4d1dfc0c4da66e176736c84d686d29db292ab4347c1360ef0dac7fdb57a9c8f
SSDEEP

24576:hExN8ApVY/A0USjBnLBmCRJo7En5rike57ag8BE0qfG:hEv3pa/RLBnICRJoYn5ri3wg81qf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
545ab5a390a497e1502796e4d1875d75_JaffaCakes118

Files

545ab5a390a497e1502796e4d1875d75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11abab6bbd765f75d37977ec207bc8c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess

advapi32

RegCreateKeyA

gdi32

CreateCompatibleDC

user32

MessageBoxA

version

GetFileVersionInfoA

shell32

SHGetSpecialFolderLocation

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

stxt774
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stxt371
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE