46bae9f26768598601758228c34b57e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46bae9f26768598601758228c34b57e7_JaffaCakes118
Size

128KB
MD5

46bae9f26768598601758228c34b57e7
SHA1

b3a10a45e103759caaea2956395756ed6c139455
SHA256

433bd9133dbe8e94c6addb2276be119e81b16503449b92d55a410c935aaa1df8
SHA512

4e222a3e31fdeea756ad36bca29917cfd89f5cec89527abc19561c004ff9c0e6411969b587f7dccfc47a8b24c4a83eec7ee63d60a82ad81abacba5b743bc454a
SSDEEP

3072:rrYBsZq08hm/PfI7BZVYjlw8kAXQlyzQx/+GgLx2nYAA:/YWB8hGo7BZylp7XbEmGgLYnY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46bae9f26768598601758228c34b57e7_JaffaCakes118

Files

46bae9f26768598601758228c34b57e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7eb5076ea48807b2d8359414a6b603b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
IsBadWritePtr
HeapLock
LocalUnlock
GetThreadLocale
FindNextVolumeMountPointA
DeleteVolumeMountPointA
IsValidCodePage
GetBinaryType
ExpungeConsoleCommandHistoryA
GetLogicalDrives
GetSystemDirectoryA
PulseEvent
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ