e4b45a43e41484cff1f00bb8534500bd_JaffaCakes118 | Triage

Sharing

General

Target

e4b45a43e41484cff1f00bb8534500bd_JaffaCakes118
Size

202KB
MD5

e4b45a43e41484cff1f00bb8534500bd
SHA1

a83d58b6b21b568b1ca766508015c82705d1a496
SHA256

3a25ace61427f636b1ae70700031cb484af84555f7b93d11a7cbb102586a2f0c
SHA512

7a4d56695ebe04e5618b14b31dd9f4befaeabc885dbb940385abc79ab1d4e321c66a0fc5c9ffe590a168618c6261035342fd5f948f8026a70479d18f79794d03
SSDEEP

6144:qdaWg52l/KfoGZuyrIhg4/a4BUiqu/If:qEWgkykVajm/If

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4b45a43e41484cff1f00bb8534500bd_JaffaCakes118

Files

e4b45a43e41484cff1f00bb8534500bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9c251f066e446e5f4d11db44b3c74e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

UnhandledExceptionFilter
CreateFiber
VirtualFree
HeapDestroy
GetCommandLineA
InterlockedCompareExchange
HeapReAlloc
ResumeThread
TerminateProcess
SetUnhandledExceptionFilter
HeapSize
LoadLibraryA
EnumResourceNamesA
GetLocaleInfoA
GetSystemInfo
RtlUnwind
GetProcAddress
SetThreadPriority
VirtualQuery
VirtualProtect
ExitProcess
HeapAlloc
VirtualAlloc
GetACP
IsProcessorFeaturePresent
WriteFile

user32

CallWindowProcA
PtInRect
IntersectRect
BeginPaint
GetParent
SetFocus
UnionRect
RealGetWindowClassA
GetKeyState
IsWindow
InvalidateRect
UnregisterClassA
IsChild
GetFocus
GetClientRect
RegisterClassExA
EndPaint
CreateWindowExA

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ