46d3e17431c356a92cf9716dd271aae6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46d3e17431c356a92cf9716dd271aae6_JaffaCakes118
Size

64KB
MD5

46d3e17431c356a92cf9716dd271aae6
SHA1

43a4b28afe8f2e708ea29632e541f53c5462393f
SHA256

8ca1c1ff0b8a39eaa6592cede00c942267b2a79b4ff2e75f7598181cabc868a6
SHA512

b6e2fd3a69ff85f5fcd1a1d76b78eab158e8343983264f2b0c1cd75bf7e2c9a0ccc15656724b6702ede499b5ce3574913e655dfbf8d004f93b09d65e28cfdb85
SSDEEP

768:Qy6jBmBN5QBIDFOK5nDZlaGFTTdDxir4zwbOd8Q6yKDAh4MNE0YSZnFE4Dj6:kjwfWIDdHcGNTJxvM4zxz9bDN64Dj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46d3e17431c356a92cf9716dd271aae6_JaffaCakes118

Files

46d3e17431c356a92cf9716dd271aae6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d89ee771b380dcbfe3567ad5d7a00b7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleFontSize
VirtualLock
LocalFileTimeToFileTime
LeaveCriticalSection
UpdateResourceA
GetCommandLineA
SetConsoleCP
GlobalSize
GetVersionExA
DeleteTimerQueueEx
InterlockedIncrement
GlobalFlags
QueryPerformanceFrequency
DosPathToSessionPathA
GetCommandLineA
WriteTapemark
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ