a44212a73c19c0f9430ceb747279c65c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a44212a73c19c0f9430ceb747279c65c_JaffaCakes118
Size

480KB
MD5

a44212a73c19c0f9430ceb747279c65c
SHA1

910668017b04b3007e3ee9183c0372c53fbdab9c
SHA256

97cd32127469d3b075328dd33cc953d77afab415176ac5ae19bdc2dbb9b2a86f
SHA512

8d554af1d59bcbf806180f104baf9796a500b232cc208f649a685121eeaf0fd15ba244dba9271cedf944e81eed6874af61beabc2a88d31c91833732cc9d730e4
SSDEEP

12288:ZNqJhPQ1pNZDSPTNc/bYRJ9wqNRQlbmA5:ZsJhY1xuIY3my6Cw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a44212a73c19c0f9430ceb747279c65c_JaffaCakes118

Files

a44212a73c19c0f9430ceb747279c65c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04dc38ac030c162a65e99e85fa45ec44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
GetThreadContext
VirtualAlloc
CreateProcessA
GetProcAddress
GetModuleHandleA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleFileNameA
Sleep
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ