44b3ce739af8e1309ba4a775e9f4a237_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44b3ce739af8e1309ba4a775e9f4a237_JaffaCakes118
Size

186KB
MD5

44b3ce739af8e1309ba4a775e9f4a237
SHA1

1a2b89b29fbb01dbb93b7cace02717122d6e96a7
SHA256

5b5e04cb6de73e40aed35dc7e7b6d421e8414b2187d0b44f5155eed5ab9abe93
SHA512

15649f3a49cd2e70c5675af4f5bc1bbe24e358c35edf7fbca2c8c33a2ab216ebb2358e3ad010cc828e76ea16fe1071db394c07f3321660896235c61acd1f0973
SSDEEP

3072:+vJqfcjV+wsuQXlGSDHqpETsa+cgTMpGmsHx/NXVyrpRECA1s1r/GtO:+IfWJsuQXPDHqpE7gTMpG/ZNFy1mCA1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b3ce739af8e1309ba4a775e9f4a237_JaffaCakes118

Files

44b3ce739af8e1309ba4a775e9f4a237_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79e7864158abbd62f5502b3a980c1a5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shlwapi

PathAddBackslashA

kernel32

GetAtomNameW
lstrcpyA
GetFullPathNameA
IsDBCSLeadByte
GetFullPathNameW
GetTickCount
GetProcAddress
OutputDebugStringA
Sleep
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
GetTempPathA
EnumResourceNamesA
CreateThread
GetTimeZoneInformation
FileTimeToSystemTime
QueryMemoryResourceNotification
SetEvent
LoadLibraryW
DeleteCriticalSection
LoadLibraryA
ResetEvent
LeaveCriticalSection
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ