bb46059b9c533464908780c8e0d06127_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb46059b9c533464908780c8e0d06127_JaffaCakes118
Size

330KB
MD5

bb46059b9c533464908780c8e0d06127
SHA1

aa346d532f03ec52d145691eafb121689724f239
SHA256

857de85500f95fd37f2f93b0f30296dd038069175daff24cc013a34273f88a8b
SHA512

8235ba8abd725ac82d60ed82717ae9754474b4962146f936d82c521929fd09a6f511f6d5fddf7b252afea3f319544c14c0f260452bc66bd801eb28d4a1dd322e
SSDEEP

6144:qB/g/J/NHisQy/rUddVWom0dwk0ce6xqTyPJk/BgT95lXmoAyOCwdSDbk9CZ7i:qB/g/J/NHismvAo1dw4x4yP2/BYzRnen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb46059b9c533464908780c8e0d06127_JaffaCakes118

Files

bb46059b9c533464908780c8e0d06127_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82de1f25da97ce15f39c76c8fafded2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
SetLastError
IsBadStringPtrA
lstrlenA
LocalFree
TlsGetValue
GetConsoleTitleA
FreeConsole
GetLastError
GetModuleHandleA
IsBadReadPtr
GetCommandLineA
VirtualProtect
GetStdHandle
CloseHandle
Heap32First
ResetEvent
CancelIo
GetDiskFreeSpaceExA
EnumResourceTypesW

user32

IsIconic
CopyImage
GetKeyState
GetScrollBarInfo
CreateMenu
DragDetect
CreateWindowExA
GetMessageA
GetUpdateRect
DialogBoxParamA
DispatchMessageA
CloseWindow
EnableWindow

hlink

HlinkNavigate
HlinkCreateFromString
HlinkCreateFromData
HlinkOnNavigate
HlinkClone

advapi32

RegCloseKey

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ