46c05b1f13dd8cd22b0c998be318ea4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46c05b1f13dd8cd22b0c998be318ea4b_JaffaCakes118
Size

5.8MB
MD5

46c05b1f13dd8cd22b0c998be318ea4b
SHA1

a657b6905f16de4a84c6f05815d77dfca8c8549a
SHA256

72564a6d203f9530a08acf38510d88971f11b571dd2a721fc5902aaac285dac7
SHA512

9ee743d6d5616ced358daef29f5ec56bb4e49e338aa35f494044e1373c2ec3d512be1ff31708037c163a09909b8cb66dc311eb3d075cee1e70b8bb1fc50c30b9
SSDEEP

98304:wxP78Jgaf1U6n2voytkNhCkgVYNAqEpQBibwItDrz20Tl+KHrTBENiUEmrEfOP9:oT8Jgu1U62ADUeBejz2Y+yrmiUEZmP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c05b1f13dd8cd22b0c998be318ea4b_JaffaCakes118

Files

46c05b1f13dd8cd22b0c998be318ea4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04693058bdd2df1a1648b0f5db6513bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileAttributesExA
GetModuleHandleA
SetProcessWorkingSetSize
GetCurrentProcess
GetConsoleCursorInfo
MoveFileW
WritePrivateProfileStringA
SetCommTimeouts
VirtualUnlock
EndUpdateResourceA
SetMailslotInfo
SetConsoleCursorPosition
GetCurrentProcessId
CreateDirectoryA
CreateMutexW
UnhandledExceptionFilter

ole32

OleCreateFromData
CoCreateInstance
RevokeDragDrop
OleSetClipboard

user32

IsCharAlphaNumericW
GetWindowWord
EnumDisplayDevicesA
wvsprintfA
GetKeyboardLayoutList
CheckRadioButton
OpenDesktopA
EnableScrollBar
GetInputState
ClientToScreen
CreateWindowExA
SetThreadDesktop
LoadKeyboardLayoutW
EndDeferWindowPos
RemovePropW
DrawStateA
CreateIconFromResource
GetKeyboardState
AppendMenuA
GetDlgCtrlID
InternalGetWindowText

comdlg32

CommDlgExtendedError
PrintDlgW

Sections

.text
Size: 39KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ