Static task
static1
Behavioral task
behavioral1
Sample
d44f4ced83e4bcd7ee0d90abeb73c2a4_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d44f4ced83e4bcd7ee0d90abeb73c2a4_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
d44f4ced83e4bcd7ee0d90abeb73c2a4_JaffaCakes118
Size
120KB
MD5
d44f4ced83e4bcd7ee0d90abeb73c2a4
SHA1
59b3afe0208f533ed727c0f949d5fd15b0529f60
SHA256
ca6dd71f871e058ed817ac5924fefee978cc9f9035f9950d61d5df5f9638e417
SHA512
da8cdfcd2cb5cdc70489e23f1db9a6913e4188b7f15b3ae6873e8ff0ccdd92fd2cc7fe50cded0d2894c98640a16dea7188d5fe560e37a2256403324eb2c92460
SSDEEP
3072:VQVnnBz6UdEXT1J4ImFVgdyYxXwqD5j8AFWQ1RWUDXPz7+W:VQVnBz/d1s0cXwu5YGV1AuWW
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource d44f4ced83e4bcd7ee0d90abeb73c2a4_JaffaCakes118
Files
d44f4ced83e4bcd7ee0d90abeb73c2a4_JaffaCakes118.exe windows:5 windows x86 arch:x86
647f3d10a4c6edf65b64b17e67142e0e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessHeap
Sleep
VerLanguageNameA
WriteConsoleA
OutputDebugStringA
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
lstrlenA
CloseHandle
HeapReAlloc
user32
CreateWindowExA
MessageBoxA
GetSubMenu
gdi32
TextOutA
comdlg32
PrintDlgA
shell32
SHGetFileInfoA
ole32
CoInitialize
CoCreateInstance
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 934B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 548B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ