44adf66e01d9d6d47c71f206018964fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44adf66e01d9d6d47c71f206018964fb_JaffaCakes118
Size

83KB
MD5

44adf66e01d9d6d47c71f206018964fb
SHA1

6bbf69aa5ba213c546d0a91b39ae6f0b32059e14
SHA256

98c342a23e74327ed580f0f3e4f0b67b695bf2b6d957590edeab4174948a9441
SHA512

ca12974d30b5868c50b96980b3759f7d741eadef03b1af69f8ef23fd4ef4f348d48eea6e9db388329d0d63a96665bf9ec640e77d1591f98773a48a8193b7c12d
SSDEEP

768:TPaKu2ZXb55yJGvcNvpMMPXUCDufACIlLwOBoxbY/2Sp6rKjFF:T/f15AcEDufpFp68rmFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44adf66e01d9d6d47c71f206018964fb_JaffaCakes118

Files

44adf66e01d9d6d47c71f206018964fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32ca8d5fca836efa8536566f0eee05c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess
CreateThread
VirtualAlloc
VirtualFree
ExitThread
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
FreeLibrary
GetFileTime
CompareFileTime
GetModuleFileNameA
GetCommandLineA

Sections

BitArts
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 512B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE