461f26e607f3e6b046593964cec1404a_JaffaCakes118 | Triage

Sharing

General

Target

461f26e607f3e6b046593964cec1404a_JaffaCakes118
Size

189KB
MD5

461f26e607f3e6b046593964cec1404a
SHA1

93a6d1667598bfb52883d43ac2845e4d665ecbc8
SHA256

8fb53c588c38f1f826d7e6946796082243428216ad4a028655237cd3aa567c52
SHA512

f9db11acab228a69b6764719f6e1665337567a86f4b2c5340af259939942ff588a7073497ce5c1a1eed15e03a715d937afa2b100cd000dd9c54c3ada2d1ccd7a
SSDEEP

3072:mJnjW8LMyAMF1ev4Tb6apLQ6paMuPVOJtku1a5G1qRiu/z:mJjWwbAEeQdcgSPVW/3MRiub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
461f26e607f3e6b046593964cec1404a_JaffaCakes118

Files

461f26e607f3e6b046593964cec1404a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

219d68da98378d9e3113a353761cbbf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
HeapDestroy
HeapFree
HeapAlloc
ExitProcess

user32

CloseWindow
CharLowerBuffA
wsprintfA
CreateWindowExA

advapi32

RegCreateKeyA
RegSetValueA
RegCloseKey
RegEnumValueA

ole32

OleRun
CoCreateInstanceEx
CoRegisterClassObject
CoUninitialize

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C
Size: 4KB - Virtual size: 41B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$
Size: 17B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0
Size: 26B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.N
Size: 41B - Virtual size: 41B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ