Static task
static1
Behavioral task
behavioral1
Sample
46f8b0698e85357a979a2cf854d7dc16_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
46f8b0698e85357a979a2cf854d7dc16_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
46f8b0698e85357a979a2cf854d7dc16_JaffaCakes118
Size
35KB
MD5
46f8b0698e85357a979a2cf854d7dc16
SHA1
7565cb6ebc36a669bdd8937f2eeb67778a9180fe
SHA256
88f39cfd787dda1b94de96b48b9ceb921ebea0b0f69f97389a82a90585676ea1
SHA512
a90aafdc1bceb297264671f5b4d11a07114f207cbcfd61cbeb43cdb62957b6696c35dfd0859efa88912ef89e17df5e1287ae6fdb5e9ae009987cc918b5babc62
SSDEEP
384:QyWMPvsytDWW80X+xT9o25TyrHLM7+qdDvFpwyVuP3x5Ylo/LsL7LkLbg:8HgDWt9TU8p9/wyV+3xelozA/o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 46f8b0698e85357a979a2cf854d7dc16_JaffaCakes118
Files
46f8b0698e85357a979a2cf854d7dc16_JaffaCakes118.exe windows:4 windows x86 arch:x86
b8f044e5dd90d997a782eddae69eeba6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
GetTempPathA
GetModuleFileNameA
GetVersionExA
SetFilePointer
WriteFile
GetFileSize
GetSystemDirectoryA
SetUnhandledExceptionFilter
GetCommandLineA
CloseHandle
GetCurrentProcess
WriteProcessMemory
ReadFile
GetLocalTime
GetStartupInfoA
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
user32
wsprintfA
advapi32
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyA
shell32
ShellExecuteA
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 854B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ