31b46e489368397db86ed668a41f3670_JaffaCakes118 | Triage

Sharing

General

Target

31b46e489368397db86ed668a41f3670_JaffaCakes118
Size

352KB
MD5

31b46e489368397db86ed668a41f3670
SHA1

8b10acd99017ea81008ce061835a2b745141bc5c
SHA256

41f7a52acaff5890b37c9b820e1b678093991d5872b80437d4e96807a52511a6
SHA512

e61900053aa6badd8f6d88c218caad399b6e20d8ae7b7da3546fe670932daaa3ee68503ba31159bcf45bb2091f3db7c3810a27201d8300614390ed53921ff86e
SSDEEP

6144:Y+me0zANEa8Li1bWlWjkoCtfwR+RwBT4M9NdX753uSUQ1sab3nhH9U:5L08N5qAWgko8wR54aN7mwsSRdU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31b46e489368397db86ed668a41f3670_JaffaCakes118

Files

31b46e489368397db86ed668a41f3670_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f56b50b14dddeec0ea08ae43fe84065a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateEventA
GetLastError
lstrlenA
LocalFlags
FindClose
GetModuleHandleA
OpenMutexA
IsBadReadPtr
CloseHandle
GlobalUnlock
FreeConsole
LoadLibraryExW
GlobalLock
GetSystemTime
VirtualProtectEx
GetACP
GetConsoleTitleW
LocalFree
OpenMutexA

user32

GetSubMenu
GetParent
EndDialog
LoadCursorA
GetMessageA
CreateWindowExA
GetKeyState
IsMenu
IsIconic
ClipCursor
GetMessageA
DialogBoxParamA
GetDlgItemTextA
MessageBoxA

uxtheme

DrawThemeBackground
GetCurrentThemeName
DrawThemeText
EnableTheming
CloseThemeData

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ