44a4d685060ec1df3a256feac2cc5b7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44a4d685060ec1df3a256feac2cc5b7a_JaffaCakes118
Size

59KB
MD5

44a4d685060ec1df3a256feac2cc5b7a
SHA1

a06984077cfaf0857e6bf147fda9067513166c2f
SHA256

d7b157158dba41ae13b1714dbb70c5c12ff3b617d87130ec563755973a002ff9
SHA512

2f428d9f1b595d033e44a17c5fd3c06fe544aa20dd36942ad12f881ed40b76586df750f2f93d85e94d115ba81db2ed6d4d6230d6eb12c6d31f9a16d5a64c2080
SSDEEP

768:cC0VywC72XzGpb2QmrhbJc/waiVRa56fMTIGdmZE4j6oGz1PJ:cVVy2XzGpt/wV46ETIcmZljxA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44a4d685060ec1df3a256feac2cc5b7a_JaffaCakes118

Files

44a4d685060ec1df3a256feac2cc5b7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d735237a63b4ca5658f68b0fd435c23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_hwrite
PurgeComm
RequestWakeupLatency
ReadConsoleOutputA
SetLocalPrimaryComputerNameW

ntdll

RtlActivateActivationContext
RtlTimeFieldsToTime
RtlRegisterSecureMemoryCacheCallback

advapi32

RegRestoreKeyA

gdi32

SetDIBColorTable

oleaut32

SafeArrayCreate
SafeArrayGetVartype

shlwapi

SHLoadIndirectString

shell32

SheGetDirA
SHUpdateImageA

iphlpapi

GetIpErrorString

rasdlg

DwTerminalDlg

Exports

Exports

K7Vik9STstXS0RZc1OfTH
cTTk8EAlhrlWhv58N
eMIopehl9HoT
faw270FonyrJpHi
o0I851thEvG705c39WG0

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE