46aea0a69e2406d6ce7a4ba677f3e09a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46aea0a69e2406d6ce7a4ba677f3e09a_JaffaCakes118
Size

311KB
MD5

46aea0a69e2406d6ce7a4ba677f3e09a
SHA1

da2dc20b64e7f3d55c65a69ec96551c50c30652d
SHA256

f2ebec5497078e4289920c3a5387e406f10669178fea350c713f7340352f2ff5
SHA512

873895f92188cf0a1bbd38fb42e79d9bf223bb8f5fd9bdc0bb4e32cc61196386716a317ee0893138beab6ce15462a29e5e70442a4641406af104676ec8c2ff91
SSDEEP

6144:khzJMzvMxl3Cef3DTVZlA3pkqskKAV965rQy7MydlNKeB2tdOcklkYLsLZv:izJ4O1vTW3iXkqHdlid8B8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46aea0a69e2406d6ce7a4ba677f3e09a_JaffaCakes118

Files

46aea0a69e2406d6ce7a4ba677f3e09a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1199b76aec0eb8907001160c6a65bbc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExA
ReleaseMutex
GetLastError
GetModuleHandleA
FindClose
SetEvent
CloseHandle
SearchPathA
FindAtomA
CreateThread
TlsGetValue
DeleteCriticalSection
GetVersionExW
OpenMutexA
CreateMutexA
Sleep
lstrlenA
GetTickCount
SetLastError
VirtualProtect

user32

EqualRect
EnableWindow
CloseWindow
CopyImage
GetKeyState
FlashWindow
CreateMenu
DragDetect
IsIconic
GetMessageA
DispatchMessageA
DialogBoxParamA
CreateWindowExA
EndDialog

loghours

LogonScheduleDialog
DialinHoursDialog
DirSyncScheduleDialogEx
DirSyncScheduleDialog
DialinHoursDialogEx

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ