44f62faba7f87c6607e1e500ce15b56d_JaffaCakes118 | Triage

Sharing

General

Target

44f62faba7f87c6607e1e500ce15b56d_JaffaCakes118
Size

28KB
MD5

44f62faba7f87c6607e1e500ce15b56d
SHA1

aa11ca494e6c6c4249da794c3b543eac3cb1cc40
SHA256

9ea03cef79f40545218c31015212b1c21d4380a0861e429b38c7eda4e12f4893
SHA512

83a87504add894305e04d85aa11e897a7be4ccb250f3e94760050c2c81606065b7c2f4bbb93e26206ed6a15b6dee8b5cdd8c4e89e6abc661a81ac73653f9934d
SSDEEP

384:nNZyB8w7Pf69E7Mw3c2CAW64wIcctQIXAZho1VJVtqA:n748On627VUXd5bAI7JVt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44f62faba7f87c6607e1e500ce15b56d_JaffaCakes118

Files

44f62faba7f87c6607e1e500ce15b56d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cccb4f6546b8cbe8113068d5143db32c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
CreateFileA
ExitProcess
GetModuleHandleA
GetCurrentThreadId
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetUnhandledExceptionFilter
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

GetInputState
PostThreadMessageA
GetMessageA

wininet

InternetCloseHandle

Exports

Exports

Fun1
Fun2

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE