4e15a3547dd633da645c8fd1edb6116b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e15a3547dd633da645c8fd1edb6116b_JaffaCakes118
Size

88KB
MD5

4e15a3547dd633da645c8fd1edb6116b
SHA1

70095b089a61a05eb1203412ff0bcdb168a4b61b
SHA256

3ae7bda61eadb7ff180eeb2b59dc35834ea2a06b2da8c18d3d9e4ef573051df0
SHA512

04998744e608c8a841e3045dbe4a3170c143c0d2dc1d68cca80a146357fb2440d3cb633c7eb78da1e8768464a2bdd77979a83f54a3dcf8cead88e75d6c7b3232
SSDEEP

1536:GOU/CCdVuUB24Ngwy6SogaaQg2rz+V0PrGSSbCSL:ZSCCuS24NfyogaaQdrzFPrLTS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e15a3547dd633da645c8fd1edb6116b_JaffaCakes118

Files

4e15a3547dd633da645c8fd1edb6116b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4931b37894937f4dc2a24d67842ce9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsBadCodePtr
SetLastError
GetLastError
GetCommandLineA
DeleteCriticalSection
FindClose
VirtualProtect
FreeConsole
EnumResourceTypesA
PulseEvent
GetDateFormatA
CloseHandle
LoadLibraryExW
LocalFree
IsBadReadPtr
TlsGetValue
Sleep
GetDriveTypeW
GetDiskFreeSpaceExW

user32

DialogBoxParamA
IsIconic
GetMessageA
CloseWindow
GetKeyState
DragDetect
CreateWindowExA
CopyImage
EnableWindow
CreateMenu
GetScrollBarInfo
GetUpdateRect
DispatchMessageA

msasn1

ASN1BERDecEoid
ASN1BERDecDouble
ASN1BERDecCheck
ASN1BERDecBool
ASN1BERDecFlush

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ