44bdac1fc20c2ea36b70e36a92cb2edc_JaffaCakes118 | Triage

Sharing

General

Target

44bdac1fc20c2ea36b70e36a92cb2edc_JaffaCakes118
Size

33KB
MD5

44bdac1fc20c2ea36b70e36a92cb2edc
SHA1

08778632dbf6f3bf5d1026b99c326daa19460b29
SHA256

4d5c9e5962c15f7fb986bf9be928ffd0d358ffef2698a482e34a334c15a9a1a7
SHA512

25878b8542e729170dc316d742eebeb3d40e34b1ba0ff90fa72c9a538bea2e1e865ecb3289a9033904fda157a596fd7384397181908696fdd108c8fd85ac938e
SSDEEP

768:iOhr7n7ImfHd5Q5dYEd908u/aiV0VoOZ6wiF:iOhrb0sceEz0jiw0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44bdac1fc20c2ea36b70e36a92cb2edc_JaffaCakes118

Files

44bdac1fc20c2ea36b70e36a92cb2edc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbb1e52f56f2f57fca31f792851a80b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
CreateNamedPipeA
GetCommModemStatus
GlobalWire
VirtualProtect
FindNextVolumeA
GetLocaleInfoW
ClearCommBreak
GetPrivateProfileSectionW
GetDateFormatA
GetConsoleNlsMode
GetConsoleScreenBufferInfo
VerifyConsoleIoHandle
LoadLibraryExA
CreateNamedPipeW
CopyFileW
GetSystemDefaultUILanguage

user32

WINNLSGetEnableStatus
SetWindowsHookExW
EndMenu
WINNLSEnableIME
DrawFrame
GetWindowModuleFileNameA
SetSysColorsTemp
SetWindowStationUser

shell32

SHGetNewLinkInfo
SHAddToRecentDocs
SHGetNewLinkInfoA
SHQueryRecycleBinA
StrCmpNW
SHGetNewLinkInfo
SHGetFileInfo
SHBrowseForFolderA

Exports

Exports

Qohgpiqytta
Bdteprhd
Juugljq

Sections

CODE
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ