b46799d6c21b1a28eae629623ebcb708_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b46799d6c21b1a28eae629623ebcb708_JaffaCakes118
Size

244KB
MD5

b46799d6c21b1a28eae629623ebcb708
SHA1

93577c4bf86b9de3f9afd436405334fde120ffac
SHA256

bba655aec8ff912054e8b13b1c65c6fbf5c410525998754d8b59f2597ea1fd0c
SHA512

9bb7ef8a8a0852b23153bf56e5fefc1e660e3e7b9b6ed03b99375895034295ef20d739ae5a03658c093db73e7c1350a626709cd4d1f45d2a6b926bdc79ce4b78
SSDEEP

6144:94spes4G1+JW4o1ISKEEoR9tUAxqcLjsj5sWUzrbwnVe:hR1+jSpEoRzUA4Usj5sWUznwnI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b46799d6c21b1a28eae629623ebcb708_JaffaCakes118

Files

b46799d6c21b1a28eae629623ebcb708_JaffaCakes118
.exe windows:4 windows x86 arch:x86

213f117419054ae17db342aec8777d88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
TlsFree
GetModuleHandleA
InterlockedExchange
CloseHandle
GetStdHandle
HeapReAlloc
GetACP
CompareFileTime
lstrlenA
HeapWalk
VirtualProtect
GlobalUnlock
GetVersion
GetConsoleCP
GetProfileIntA
LoadLibraryA
GetTickCount
WaitForSingleObject
TlsGetValue
FindAtomA

user32

GetKeyboardLayout
ModifyMenuA
SetWindowPos
DestroyMenu
SetPropA
EnableScrollBar
GetMenu
InflateRect
UpdateWindow
PostMessageA
GetScrollRange
MessageBoxA
CreateCaret
DispatchMessageA
LoadIconA
ShowWindow
GetMenuStringA
GetSubMenu
SubtractRect
GetWindowTextA
CopyRect
DialogBoxParamA
EqualRect
InsertMenuA
GetDlgItem
PostQuitMessage
TranslateMessage
PaintDesktop

msi

MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiEnumProductsA
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ