94ba36b31dabd9099ecb443469a444b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94ba36b31dabd9099ecb443469a444b7_JaffaCakes118
Size

17KB
MD5

94ba36b31dabd9099ecb443469a444b7
SHA1

4ac6d1647b8d26fb8ec04040dee270b68d9b2edb
SHA256

fb41c4249752888e6fa99dc7e98b97eab48cbcfc45fc0f9fa2e75c43a426b282
SHA512

f50a303c06d8ffd01c1bb1053bfe113d75994be9b9a3b6ceef151d58c3a2f5056f11a852ec60d3c888cbbf2cf257f487ad9e770fb7426059c60c4cdd68e6d8b8
SSDEEP

192:6Z72H61z+h77OO9HteGZcO49mxMNeTL3TNeT4+vDuspaeT5vOiXeSud+oBTADQa9:q6H6y7OO9X8mMNeLNek+vDfcuDuODE/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ba36b31dabd9099ecb443469a444b7_JaffaCakes118

Files

94ba36b31dabd9099ecb443469a444b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

706d44a32ef848350727003c6eb113ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
SetLocalTime
ResetEvent
GetLastError
GetDiskFreeSpaceExA
IsBadStringPtrA
FindClose
FreeConsole
GetLogicalDrives
GetCommandLineA
GetModuleHandleA
LocalFree
SetLastError
Heap32First
TlsGetValue
CloseHandle
EnumResourceTypesW
VirtualProtect
IsBadReadPtr
CancelIo

user32

GetScrollBarInfo
GetKeyState
CreateMenu
DispatchMessageA
CopyImage
DragDetect
GetUpdateRect
GetMessageA
EnableWindow
CreateWindowExA
IsIconic
CloseWindow
DialogBoxParamA

hlink

HlinkNavigate
HlinkCreateFromString
HlinkCreateFromData
HlinkClone
HlinkOnNavigate

advapi32

RegCloseKey

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ