44f1a560a176a77e687ab1476dbd1ccf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44f1a560a176a77e687ab1476dbd1ccf_JaffaCakes118
Size

14KB
MD5

44f1a560a176a77e687ab1476dbd1ccf
SHA1

2f859d6650c0f2d3965593d5ecc88fe05a9a1574
SHA256

735a458fb1ca9e2413a150cce0485e6c91d149e13a41db7e77c49ac648a94e34
SHA512

7d9bf5e5979ba0c13f30748533c39596633a050beefdb28781eb1d9a657938f86f619338b4e102c63a46634ea8d725f1b762390a31a4acee29e1314702aa30e7
SSDEEP

192:6+0wAG/OyoKS9UhX1IOqfs1EAUWfBmMNeTL3TNeT4+vD:FjOyq9UhlrMs3fsMNeLNek+vD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44f1a560a176a77e687ab1476dbd1ccf_JaffaCakes118

Files

44f1a560a176a77e687ab1476dbd1ccf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41f4613a6d3b6e20d3676b3dbb549d13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
TlsGetValue
VirtualProtect
FreeConsole
GetModuleHandleA
CreateSemaphoreA
CloseHandle
GetCommandLineA
DeleteCriticalSection
ReleaseMutex
GetVersionExW
FindClose
SetLastError
SetEvent
GetTickCount
GetLastError
SearchPathA
GetComputerNameA
CreateMutexA
Sleep

advapi32

RegEnumKeyExA
LsaFreeMemory
RegCloseKey
IsTextUnicode
CloseTrace
FreeSid
LsaClose
CloseEventLog
IsValidSid
LsaSetSecret
GetFileSecurityA
RegCreateKeyExA
OpenEventLogA
RegLoadKeyA
RegCloseKey

loghours

DialinHoursDialog
DirSyncScheduleDialog
DialinHoursDialogEx
LogonScheduleDialog
DirSyncScheduleDialogEx

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ