Static task: static1
Behavioral task: behavioral1
Sample: 46ae3fe64628a2adfa72e39cd8bd18c8_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 46ae3fe64628a2adfa72e39cd8bd18c8_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 46ae3fe64628a2adfa72e39cd8bd18c8_JaffaCakes118
Size: 775KB
MD5: 46ae3fe64628a2adfa72e39cd8bd18c8
SHA1: 25e2ac70e1cd1d7945dbbca733e237f25021f566
SHA256: f1debd4349b58caa2a4945afd3137c7e1bff338edfba2968313521abbcc67c49
SHA512: 1d6452a645786d6be2d50d2876162f99e45d1561536b2e4eb52ec288123f33267587153e4cece4d58cf5e6d2644a210a4ce66ff74ad223987c0439320293ef00
SSDEEP: 24576:6Go5HnxTcYRK0+bYVLNXU7EY8Pu6arc2L5WcLvX9Zh:jopFcRbYVmwmjrrQE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 46ae3fe64628a2adfa72e39cd8bd18c8_JaffaCakes118
Files
46ae3fe64628a2adfa72e39cd8bd18c8_JaffaCakes118.exe windows:4 windows x86 arch:x86
6d413b853642ecebe910da22f03f45f7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
GetModuleHandleA
lstrlenW
GlobalUnlock
GetProcessHeap
CreateMutexA
CreateFileW
GlobalFree
HeapCreate
SetLastError
LoadLibraryExA
FindResourceW
CloseHandle
TlsAlloc
DeleteAtom
GetEnvironmentVariableA
ReleaseMutex
GetStdHandle
GetExitCodeProcess
TlsGetValue
user32
FillRect
CallWindowProcA
DrawMenuBar
DrawEdge
CreateWindowExA
GetDC
CreateMenu
DispatchMessageA
IsWindow
GetDlgItem
GetCaretPos
CheckRadioButton
SetFocus
rsaenh
CPDecrypt
CPSignHash
CPGenKey
CPHashData
CPDeriveKey
msasn1
ASN1BERDecEoid
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 765KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE