44816cfa52481e51bf4d89f25083a5f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44816cfa52481e51bf4d89f25083a5f7_JaffaCakes118
Size

178KB
MD5

44816cfa52481e51bf4d89f25083a5f7
SHA1

965e83cb230b31926ab672ab81e41bc2165e9825
SHA256

e13bc469d46ad9e3fe5e5e6223be4c2688739729e7d83145774e6c36fc456981
SHA512

6fbdf94948eca4bd3438f691d335e221d7c83d99c5bf1a141c27cf5a5991c30e876a68376670688448dc2d8361becb845743172f7c11ac0759ad30df8e2dd83b
SSDEEP

3072:tpJUvQ+24LTWa/8NbYRDhpmQPxLBvCE6qDEIJHE8a6zgpTpOuZl8r5fs41e:mQ+2eWfWVhzxFv6VIxhaTMw0fN1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44816cfa52481e51bf4d89f25083a5f7_JaffaCakes118

Files

44816cfa52481e51bf4d89f25083a5f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5aaab810bd9de630e0eeba29d7879b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetDefaultContext
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoTaskMemFree

kernel32

GetCalendarInfoW
FreeLibrary
GetProcAddress
lstrcmpiW
GetLastError
GetModuleHandleA
lstrlenW
SetLastError
GetFileAttributesW
MultiByteToWideChar
DuplicateHandle
GetCurrentDirectoryW
LocalFree
SetEnvironmentVariableW
OutputDebugStringA
GetCurrentProcess
InterlockedExchange
OutputDebugStringW
EnumResourceNamesA
GetModuleFileNameW
GetProcessId
InitializeCriticalSection
LocalAlloc
WideCharToMultiByte
GetFileInformationByHandle
GetModuleHandleW
SearchPathW
ExitProcess
CreateDirectoryW
VirtualProtect
VirtualQuery
GetCurrentThreadId
Sleep

shlwapi

StrDupW
PathIsUNCW
PathSkipRootW
SHRegGetValueW
PathGetArgsW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ