44c1138882b171acfa0dabdb4e9738a9_JaffaCakes118 | Triage

Sharing

General

Target

44c1138882b171acfa0dabdb4e9738a9_JaffaCakes118
Size

4.1MB
MD5

44c1138882b171acfa0dabdb4e9738a9
SHA1

ef5b7ac391246579fb9f39241f9b53804d7626da
SHA256

ff5ed1bd56e87e1acc782c567eb4c58eda29eb6f1ce26850629f9933d8ab0de8
SHA512

4074d1e26a04b1ddef7e3513e022d430df8d8207def8728209bc4fce8a8e1d7338ba4c338d305fd7f4317af7a327d33e75ab03ef38438c349356ab2ad3f5f58b
SSDEEP

98304:SF1qy1PpR+NHZBOs5Psx7qDIg0NuL7hkcrgclF7rw/5irJsUyQN:SP1xR+NHZax0IgguXOcRFYJUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c1138882b171acfa0dabdb4e9738a9_JaffaCakes118

Files

44c1138882b171acfa0dabdb4e9738a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baad0705e5e50d6c4fad2b267e67b328

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
CloseHandle
LoadLibraryA
ExitProcess
CreateFileA
GetCurrentProcess

user32

CloseWindow
SetWindowLongA
CreateWindowExA
CharLowerBuffA
wsprintfA

advapi32

RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegQueryValueA
RegCloseKey
RegEnumKeyA
RegCreateKeyA
RegSetValueA
RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ