46cc29e7a42ad1b89e8f1a7711712d3a_JaffaCakes118 | Triage

Sharing

General

Target

46cc29e7a42ad1b89e8f1a7711712d3a_JaffaCakes118
Size

312KB
MD5

46cc29e7a42ad1b89e8f1a7711712d3a
SHA1

3099464115f2b59caf931860b143a908831c1fcc
SHA256

2521e64e84a5c656a1daeda34f7567f9f0ee8cc9010126449cd72c8e5a57d7a0
SHA512

5b4391ec8d8de6ce6f20e1f93504c68c51bda4312e768b7905b0993429c193c09113b922188fac0a9389c2ade64cfb741ca63d47e06d80b273fe363cc7bff49e
SSDEEP

6144:zd+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:zd+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46cc29e7a42ad1b89e8f1a7711712d3a_JaffaCakes118

Files

46cc29e7a42ad1b89e8f1a7711712d3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f38e1fe3d3d2dd77c59f51af10e1fc65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
Sleep
VirtualProtect
GetDriveTypeA
HeapCreate
GetLocaleInfoA
LockResource
EnterCriticalSection
GlobalDeleteAtom
IsBadReadPtr
GetACP
CloseHandle
SetErrorMode
GlobalAddAtomA
RaiseException
GetLastError
GetStdHandle
GlobalFree
FileTimeToLocalFileTime
SetConsoleOutputCP
InterlockedExchange

user32

GetMenuItemInfoA
DrawEdge
ClipCursor
BeginPaint
DrawTextA
GetClassNameA
GetWindowTextA
SetForegroundWindow
EndPaint
ShowWindow
wsprintfA
GetWindow
IsIconic
ReleaseDC
GetFocus
ValidateRect
GetCursorPos
GetActiveWindow
GetParent

httpapi

HttpAddUrl
HttpTerminate
HttpRemoveUrl
HttpInitialize
HttpCreateHttpHandle

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ