44102480ed9fd6965b4fe4a23cc7f79a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44102480ed9fd6965b4fe4a23cc7f79a_JaffaCakes118
Size

233KB
MD5

44102480ed9fd6965b4fe4a23cc7f79a
SHA1

7b42d61e75aa8f63fc610769ab22d23df5178c01
SHA256

8a86f5c1878ceb35a7a482b0ced56c79fb9467c26696980c68b09677b72bf615
SHA512

0506a1fd909b22bae54bb92846f13bfe7bfdbbb9dccf92462ba5f7ed7a80a0375eb5f3a113dfece67cddf98c2a78dec0687a504b56a752d6da0d1f8910e5e9b9
SSDEEP

6144:URYoNcgdbe7CIcc+3bqMutYJEYPIDyYx/SOWaQUt:FIOCIcc+3sXi0/SOQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44102480ed9fd6965b4fe4a23cc7f79a_JaffaCakes118

Files

44102480ed9fd6965b4fe4a23cc7f79a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42f2453688af9f79ad675fece40defa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
EnumSystemLanguageGroupsW
GetDiskFreeSpaceExA
RtlZeroMemory
GetThreadContext
TlsSetValue
GetVersion
GetPrivateProfileIntW
EnumResourceTypesW
SetPriorityClass
GlobalDeleteAtom
GetPrivateProfileSectionW
SetThreadAffinityMask
BackupRead
GetFileInformationByHandle
_hwrite
RequestDeviceWakeup
GetComputerNameExW
ConnectNamedPipe
SetDefaultCommConfigA
SetTimeZoneInformation
FindNextVolumeMountPointA
SetFileAttributesA
EnumDateFormatsA
FreeUserPhysicalPages
GetModuleHandleA
GetComputerNameW
SetMessageWaitingIndicator

user32

GetGUIThreadInfo
BeginDeferWindowPos
IsCharAlphaW

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1009B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE