JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54 | Triage

Sharing

General

Target

JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54
Size

185KB
MD5

44cc3c802fd02f134929bc18c79c5b54
SHA1

4b02948c1f2ef73a71aa7212649b8aa4a50cf0b3
SHA256

13b5f15799beedb19ebbaebda1e2907f3736be18d2f8f328ffbe3f4ea056450b
SHA512

baf9cc73843d92070ec0e191714cd12ba26318b1e59f81eb09063c6bbd907ed254aaf1d5265b8ac1fc219d7936fa94bea1b894b5add2c2c40d641729d50224d6
SSDEEP

3072:pGSyJii04Cjd9nRARiyiHBLilOPAys0CXAORDQNA8RISOJ4OyDeMhCtZ18/fLe0p:pGSti04GR6iL4byLtOsQSEDySMKZ18bx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54

Files

JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54
.exe windows:4 windows x86 arch:x86

4143f0dd8c299b6cdb98b6e978e48e08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesA
UnhandledExceptionFilter
GetStringTypeW
SetFilePointer
GlobalFindAtomA
CreateFileA
WriteFile
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDiskFreeSpaceA
SetStdHandle
FlushFileBuffers
VirtualProtect
GetStringTypeA
IsBadReadPtr
EnumResourceNamesW
FindFirstFileA
ReadFile
IsBadCodePtr
WideCharToMultiByte
GetStringTypeExW
LCMapStringA
GetEnvironmentStrings
GetOEMCP
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetThreadLocale
GetFullPathNameA
GetCPInfo
MulDiv

shlwapi

SHGetInverseCMAP
PathAppendA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathIsFileSpecA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 94KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ