44595d35908ca0e23e38da3199e5ac63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44595d35908ca0e23e38da3199e5ac63_JaffaCakes118
Size

64KB
MD5

44595d35908ca0e23e38da3199e5ac63
SHA1

aebd86214c4c30931a112d4ed5a025dccd20dc10
SHA256

be4d66ebc936adcaed01695c34f21d2035ab37d43547bd5b22d57f3ed7f8b5d4
SHA512

7c20f9db2f63d7f655c14b9f52c353058b7ac6b053951cba80a478620552897719ff9c8d4a47128238239dce7ce7c6de8d06ea4aafc84abbab67269dbacd5e4e
SSDEEP

1536:LMmCGWNvD+gVSw3a90xuR+3jKry/kqn0NwuV+t7jlK1o:LM4WNvDFVDa908mjctGTuVMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44595d35908ca0e23e38da3199e5ac63_JaffaCakes118

Files

44595d35908ca0e23e38da3199e5ac63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6764baeb8d960aa00c9977cb9882bb94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE