46f9a1e35b3f82345250d38f27a5c960_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46f9a1e35b3f82345250d38f27a5c960_JaffaCakes118
Size

34KB
MD5

46f9a1e35b3f82345250d38f27a5c960
SHA1

2ba672d50549cf8165a3d5319dca76a8fa71b648
SHA256

026e23002e01fa42385f56fa8cc74178ab4a2ec80ecb6f94f31a61a8268e91e1
SHA512

83e527422dec8b608e656051e9090cf05dd55bd961391ab146c4e5bff404b84c2b373aed427271772ffa27c036b7ce5be0df817153103c5471ae94c3033409f1
SSDEEP

768:lTQB29m3RH9BFP2GlEBxCD/xKirhQ8BrOUrpoz3mzPxcakIOmic:+2IBNP2GlEBxqx7r6UrpYYJYIC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46f9a1e35b3f82345250d38f27a5c960_JaffaCakes118

Files

46f9a1e35b3f82345250d38f27a5c960_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ca89f14e31678453360b9fed90f9825

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetCurrentProcessId
GetComputerNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetSystemTimeAsFileTime
GetSystemInfo
GetTimeZoneInformation
GetSystemTimeAdjustment
AreFileApisANSI
lstrcpyA
GetProcAddress
GetVersion
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
GetCurrentProcess
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetCurrentThread
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
IsBadReadPtr
GetLogicalDrives
GetConsoleOutputCP
GetLastError
IsBadWritePtr
GetConsoleTitleA
GetConsoleCP
GetDiskFreeSpaceExA
GetVolumeInformationA
GetProcessHeap
TerminateThread
IsBadCodePtr
IsBadStringPtrA

user32

GetCapture
GetForegroundWindow
IsWindow
GetSysColor
GetActiveWindow
GetKBCodePage
GetDesktopWindow
GetKeyboardType
GetFocus

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE