44abaddbe2e3429312be1cbf86884222_JaffaCakes118 | Triage

Sharing

General

Target

44abaddbe2e3429312be1cbf86884222_JaffaCakes118
Size

144KB
MD5

44abaddbe2e3429312be1cbf86884222
SHA1

fa46b9d0f20c8d12aac0f19b6efeeafc7aa988a4
SHA256

22d45c7e1e718ab1c3abcb2d2f763355f98e225da996a4f5671491be5ee84ef6
SHA512

4191946d401b7b33c4a548ae9ed1cd4108e865cd1445c2a034f291bcffbc27b3679781d58f0e29f3aa225a8df5793b9ca04a00697e92600fefd940343ca8a3b9
SSDEEP

3072:k7TdBSEQ0oulT0BO+6RnDiKi8H42tnXVha5g4i5iWpfjDQv4P5i:s79QzLw9DfDVw5gX5iWpfvQwPc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44abaddbe2e3429312be1cbf86884222_JaffaCakes118

Files

44abaddbe2e3429312be1cbf86884222_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f846b0159f6d79c6ddd1ac29f49f6424

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetOEMCP
CloseHandle
GetModuleHandleA
CreateHardLinkA
GetUserDefaultLangID
GetStdHandle
GlobalLock
FormatMessageA
GetCommState
ExitProcess
CreateJobSet
GetVolumePathNameA
GlobalFree
EnterCriticalSection
ClearCommBreak
GetProcessHeap
GlobalFlags
FindAtomA
GetTapeStatus
GetProfileStringA

user32

GetForegroundWindow
ShowWindow
DrawEdge
BeginPaint
GetWindowTextLengthA
GetParent
RegisterClassA
GetClassInfoExA
IsIconic
GetWindow
ValidateRect
ReleaseDC
EndPaint
GetClassNameA
CloseWindow
GetDC
GetFocus
GetWindowTextA
GetActiveWindow

gdi32

GetColorSpace
GetCharWidthA
CreateDCA
CreateDIBitmap
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ