44f1d88c81bb43a57f00927a254025e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44f1d88c81bb43a57f00927a254025e0_JaffaCakes118
Size

121KB
MD5

44f1d88c81bb43a57f00927a254025e0
SHA1

204f7587dc4527a4723881be8e35b4b4dc02fd4a
SHA256

0961c09b6429f3ba2ea425e4336bd7e962a5491aac99fde53c33264ab80a8f3b
SHA512

9bf7887d7faa16df0687761e5e9e4a7d87eaeb7a35a3747f55e8ebcd1d82fb16f90085fcc6f982ebe6303997653a844a646188cab7f128b083005dfad07fef96
SSDEEP

1536:TJqBkhKjFgPQNZeFVkJ/eLijGmOi3V5O1H9itGRgtoG1mjMPxGjBXcG+Nj:T14jFqQNZRl7FOiF5IHMGe+GgMGj5I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44f1d88c81bb43a57f00927a254025e0_JaffaCakes118

Files

44f1d88c81bb43a57f00927a254025e0_JaffaCakes118
.exe windows:8 windows x86 arch:x86

f8570c754a04e0e239bad271eeaa8cc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LoadLibraryA
GetDiskFreeSpaceW
GetStringTypeW
FindResourceW
GetPrivateProfileSectionA
GetACP
GetLongPathNameA
GetModuleHandleW
WriteFileEx
WaitForSingleObject
InterlockedIncrement
VirtualAllocEx
GetExitCodeProcess
Heap32First
ExitProcess
GetDiskFreeSpaceW
lstrcmpA
GetCurrentDirectoryA
GetPrivateProfileIntA
SetEnvironmentVariableA
InterlockedDecrement
GetPrivateProfileIntA

apphelp

ApphelpCheckIME
ApphelpCheckExe
SdbCreateMsiTransformFile
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE