44a7e15d5123aee8d817c10b7ea01b5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44a7e15d5123aee8d817c10b7ea01b5b_JaffaCakes118
Size

328KB
MD5

44a7e15d5123aee8d817c10b7ea01b5b
SHA1

5d7667f0acc965311ed4a7d870919e0eff0b747f
SHA256

a7a74923c11731889357c56f3dafd806d30589ff7b6cfa3e6199493765af87a7
SHA512

743a90a270bf324e536a931211ee44efa150cc94f4f63244f1488b942111123427056ec392a516377f95f1acc96ecae888254c82e5d2f3587aab2f22ea1d7a83
SSDEEP

6144:ixVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:87OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44a7e15d5123aee8d817c10b7ea01b5b_JaffaCakes118

Files

44a7e15d5123aee8d817c10b7ea01b5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61e9d5927e4317a8bd0ea5588aa8bce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetCommandLineA
WaitForSingleObject
SetConsoleCP
GetTickCount
HeapCreate
GetModuleHandleA
CloseHandle
SearchPathA
GlobalUnlock
HeapReAlloc
GetVersion
GetAtomNameA
lstrlenA
VirtualProtect
GetStdHandle
GetSystemDefaultLangID
WaitForMultipleObjects
GetConsoleCP
SuspendThread
InterlockedExchange

user32

InsertMenuA
DispatchMessageA
GetCursorInfo
FindWindowA
MessageBoxA
GetKeyboardLayout
SetWindowPos
SetScrollInfo
DispatchMessageA
DestroyMenu
CreateIcon
GetDlgItem
EnableScrollBar
CreateMenu
DialogBoxParamA
IsDialogMessage
InvertRect
CreateCursor
SetPropA
CopyImage
GetKeyState
DragObject
DrawCaption

advapi32

RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ