44c31ff4c91dbf587a94564ad44d5077_JaffaCakes118 | Triage

Sharing

General

Target

44c31ff4c91dbf587a94564ad44d5077_JaffaCakes118
Size

316KB
MD5

44c31ff4c91dbf587a94564ad44d5077
SHA1

91168e4c8b9849252725b19bbc4e76f39379b483
SHA256

d0bd7eb76619e0d14254fa3ff3172c7bd0b5078f5d58c9e2c3131b4561d6fb3d
SHA512

7a96d2a41c5dfe0e6c667b2ff2741a084e0ba105f7f7da05c2b6eabe315ca6cef821996d278ae4ddab663929f8e64ccb891517ba50fd467aaf26db297e1c2376
SSDEEP

6144:5JF4z+Jq3Ntu+FWkFip1HaTTirGWpC5mO8ij3KIz:94z19dfFib6Ti5o7KIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c31ff4c91dbf587a94564ad44d5077_JaffaCakes118

Files

44c31ff4c91dbf587a94564ad44d5077_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c70695b359a3dd80362572ed2aa90be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetProcessVersion
GetCurrentProcessId
GetCommConfig
HeapCreate
LoadLibraryExA
GetTimeFormatA
IsDebuggerPresent
CreateFileMappingA
GetTapeStatus
GetLogicalDrives
GetModuleHandleA
CreateHardLinkA
InterlockedExchange
HeapDestroy
GetEnvironmentStringsA
GetACP
DeleteAtom
WaitForSingleObject
VirtualProtect
GetCurrentThread

user32

DragDetect
SetActiveWindow
GetWindow
ReleaseDC
GetFocus
GetCursorPos
GetTitleBarInfo
DrawTextA
GetDlgItem
BeginPaint
wsprintfA
GetParent
GetClassNameA
ShowWindow
SetForegroundWindow
FillRect
GetWindowTextLengthA
EndPaint
FrameRect

advapi32

RegFlushKey
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ