946394d0cb349d1ee532d8a6366a1fe9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

946394d0cb349d1ee532d8a6366a1fe9_JaffaCakes118
Size

261KB
MD5

946394d0cb349d1ee532d8a6366a1fe9
SHA1

15c246e06888c3863387d276e803bd13e6d3a828
SHA256

7b0417f4bb923e7bc71cd5a447df6b181abc724ed346fcf08cc6f2e54dac9fad
SHA512

d8423e5e803dd4c1c33fcb95e8978b3b41e7dd5b059494f067dac3d3612b64b20dacb58608ae0e2f831a7699227b0781e68c484c6880325349eaf75a20dd4746
SSDEEP

6144:7Y45n3XsqV6vNPphRLzYkpwfA8pj4nk2018XS9:7Y8nqvNhhRAnj26I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
946394d0cb349d1ee532d8a6366a1fe9_JaffaCakes118

Files

946394d0cb349d1ee532d8a6366a1fe9_JaffaCakes118
.exe windows:1 windows x86 arch:x86

475a07371e705a75ffb6c786f92928f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetDlgItemTextA
SetTimer
GetWindowTextA
GetWindowTextW

kernel32

GetCommandLineA
VirtualProtect
ExitProcess
WaitForSingleObject
GetFileAttributesW
MoveFileW
VirtualFree
LoadLibraryA
SleepEx
ExitThread
SetLastError
GetFileSize
GetLastError
CreateMutexA
CreateFileW
GetProcAddress
CreateMutexW
GetModuleHandleA
VirtualProtect
VirtualAlloc

advapi32

RegCreateKeyA
RegSetValueW
RegSetValueA
RegOpenKeyExW

Sections

.data0
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ