Static task
static1
Behavioral task
behavioral1
Sample
444f45c10ce05e6821c19b183b2e1363_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
444f45c10ce05e6821c19b183b2e1363_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
444f45c10ce05e6821c19b183b2e1363_JaffaCakes118
Size
9KB
MD5
444f45c10ce05e6821c19b183b2e1363
SHA1
da9ad0c586556c2c3973731b9ebd05c21011f60a
SHA256
ad4bb6e36aa44c8f7b7a8e330165f2f075a1a72b9d48be2a72411eb7cf0bbffa
SHA512
09ae21cbac4873999dda1f0f4cf0f0f0c29001eb27164df380027b5a4fdca7fe64175b804f13bc80d8206bff27f6d72f0d4da1db17adbb2813c9fc79a33d497d
SSDEEP
192:gDlxgYPokVgcWHb8AxyAFPMx/lUP1oyn:FDkVgcWEAxMx/81
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 444f45c10ce05e6821c19b183b2e1363_JaffaCakes118
Files
444f45c10ce05e6821c19b183b2e1363_JaffaCakes118.exe windows:4 windows x86 arch:x86
43742496efac5135aed110738253888e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
lstrcatA
lstrcpyA
GetCurrentThreadId
GetLastError
CreateMutexA
Sleep
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetModuleHandleA
DeleteFileA
GetCommandLineA
WinExec
GetTickCount
ExitProcess
GetStartupInfoA
user32
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
PostThreadMessageA
EnumWindows
ShowWindow
GetWindowThreadProcessId
IsWindowVisible
DefWindowProcA
WaitForInputIdle
advapi32
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
msvcrt
exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
strrchr
malloc
strchr
_exit
_XcptFilter
__getmainargs
_acmdln
Sections
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE