46a4827db7827681963968fcd79ca0cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46a4827db7827681963968fcd79ca0cb_JaffaCakes118
Size

29KB
MD5

46a4827db7827681963968fcd79ca0cb
SHA1

5179339620e8a3ed995735cdd8dc1aa61e8fb777
SHA256

6e8330184bbed6d536d7c88e2c6961ba7cde27f4fccb0801622f0f3c233e4da0
SHA512

d7bf26696d7eead85484230fa95dfbf26cb742408a84e3a948391c0931e6f2ff2af0dd413768e485f7b9d3e5d2413ae6f3d638a18915598f06ff9fed2303961b
SSDEEP

768:1swo7Nsgos0n6h7YHSvUUuLFp+CAKtugrlq9:1shmPsJ0n+StugU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46a4827db7827681963968fcd79ca0cb_JaffaCakes118

Files

46a4827db7827681963968fcd79ca0cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33bf3e687f1d78a225e57635aca28aa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
lstrlenA
GetFullPathNameA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
LocalAlloc
SizeofResource
FindResourceA

user32

wsprintfA

Sections

.text
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ