d44f9ad052ed94ff8980601e29453de4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d44f9ad052ed94ff8980601e29453de4_JaffaCakes118
Size

476KB
MD5

d44f9ad052ed94ff8980601e29453de4
SHA1

ecfc37496d1a0052341a48844f50f89bf48ef747
SHA256

4ca7cbedc54a1c612013d13edaa890f3ba846ce1e6d2e58d2067efb5ccdfd05a
SHA512

598d38d19e78e7cd3c9d851ba43fe887301894d4f3cb155dfd78f3bb42837c48784eeb6026640b1ff1c7ed9a34112a7a74a0f742bd55a8727fcf0c7014e9d6c8
SSDEEP

12288:d4g5OmARAJ+buVNIVCbyri2kQy7d1CQPBHROmL:PXauVGVYyrBkBJRL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d44f9ad052ed94ff8980601e29453de4_JaffaCakes118

Files

d44f9ad052ed94ff8980601e29453de4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac3bdb9065652cb66b2c9043c22c7745

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetCurrentThread
ExitProcess
GetFileType
Sleep
VirtualFree
VirtualQuery
HeapCreate
WriteConsoleA
TerminateProcess
LocalFree
GetStringTypeW
HeapReAlloc
GetACP
CloseHandle
SetUnhandledExceptionFilter
InterlockedExchange
UnmapViewOfFile
GetModuleHandleA
GetStringTypeA
CreateThread
SetFilePointer
GetProcessHeap
GetProcAddress
DeleteFileW
HeapSize
WideCharToMultiByte
GetCPInfo
CreateDirectoryA
LockResource
GetConsoleOutputCP
LocalAlloc
GetLocaleInfoA
GetEnvironmentStrings
LoadLibraryExA
GetCurrentProcess
FreeEnvironmentStringsA
LoadLibraryA
GetModuleFileNameA
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
GetTickCount
HeapDestroy
VirtualProtect
FreeLibrary
WaitForSingleObject
lstrcmpiA
lstrlenA
GetSystemInfo
GetStartupInfoW
LCMapStringW
EnterCriticalSection
GetStdHandle
HeapFree
GetLastError
VirtualAlloc
GetCommandLineA

Sections

.text
Size: 448KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ