440e2d4f4c34102e249d00f6e7a517f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

440e2d4f4c34102e249d00f6e7a517f7_JaffaCakes118
Size

174KB
MD5

440e2d4f4c34102e249d00f6e7a517f7
SHA1

102e000e90f2cc255842cb38ad955d03fe0e289e
SHA256

81e53c91b0dfff9a0202633a01dd153afac15d6d8a5b2e183ec2d9b42e774243
SHA512

e5a16d75636913899495217c21ff5497220919176d2f0acdadff74da288a78a1561e60d7a81afe0317ae4d10d49c9e7198a2f243d8c377fdb278a4fc346e09e5
SSDEEP

3072:uHgFfWW7YlaHMyGFZYUm6WBN2y2XuJnsWqLviFucKAkqRS5i+XAxR:lfW0lHMyoYlB07OFqDNcKaS5iqAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440e2d4f4c34102e249d00f6e7a517f7_JaffaCakes118

Files

440e2d4f4c34102e249d00f6e7a517f7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8b939df43054792c0a3c75e661a36a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Sys Dir Win\FileDataInside

Imports

user32

RemovePropA

kernel32

CreateFileMappingA
CreateEventA
TryEnterCriticalSection
QueryPerformanceCounter
GetFullPathNameA
GetCompressedFileSizeW
GetProfileStringW
EnumResourceNamesW
FindNextFileA
OpenSemaphoreW
FindFirstFileW
GetThreadPriority
IsDBCSLeadByteEx
GetTempFileNameW
FlushFileBuffers
SetLastError

Exports

Exports

_RegisterHotKeyRegisterHotKey@0

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ