44b27da31451a805953af59196b81931_JaffaCakes118 | Triage

Sharing

General

Target

44b27da31451a805953af59196b81931_JaffaCakes118
Size

9KB
MD5

44b27da31451a805953af59196b81931
SHA1

a73e0f64697f66bcb025f6176747c5af73a836b1
SHA256

fde8657398dae8ac5b64528fa16560a79671d1910b2bea3a0e9c9f1fd50d2c47
SHA512

973101ed9e12a3cf0520e58b366b770a86a0ca8121739a72a3d819dee32d4e8f1349bcd8eec0a079a39a941828023ec88cd506905eff84b997fb6115668f4353
SSDEEP

192:jMgv2wJa0fh3sk0wMUzzff6WOBHQJ37BjF4G7W3bg/xF6H:FQ0R/Fp5mG7WLJH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b27da31451a805953af59196b81931_JaffaCakes118

Files

44b27da31451a805953af59196b81931_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2054a380f7f9e6b9ef6b259b1abadfed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CreateProcessA
GetCurrentThread
GetStartupInfoA
GetCurrentThreadId
GetCurrentProcess
GetThreadPriority
CancelIo
GetTickCount
GetProcAddress
GetCurrentProcessId
lstrcatA
FreeLibrary
LoadLibraryA
MoveFileExA
lstrcpyA
CreateFileA
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
FindFirstFileA
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
ExitProcess

user32

GetActiveWindow
wsprintfA
GetCapture
GetTopWindow
SetActiveWindow

gdi32

CancelDC
GetBkMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetBrushOrgEx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 58B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ