JaffaCakes118_44fbd9d7c8912ad50f2eabc715efb000 | Triage

Sharing

General

Target

JaffaCakes118_44fbd9d7c8912ad50f2eabc715efb000
Size

172KB
MD5

44fbd9d7c8912ad50f2eabc715efb000
SHA1

fec8dfacc5054e63c3c65d1c69cc0f3923164efc
SHA256

118a5e065609e7ab81803b48a2f0da65d16b80234db23f40199d001cf078c0ee
SHA512

3f6e1783e3b40fcbcd6ad586b323c549aa562622fbbe449d1643f3959e19ae2aaf350620ea760a3b1d00a9a2ac19343c594ed778a9fe02c0d3cf40759c641ffb
SSDEEP

3072:oV16GDa89pb2d3xZnDhCz0kcUnjtJcNT9M8zeEQ8v6e3DMz4ZQOL2xwGjhP2zH:EQGMdhVDhCzCQBJmFeE5BXZJIhPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_44fbd9d7c8912ad50f2eabc715efb000

Files

JaffaCakes118_44fbd9d7c8912ad50f2eabc715efb000
.exe windows:4 windows x86 arch:x86

a6044c53353576bb577936437c8abf4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointA
GetTextMetricsA
DeleteObject
GetDeviceCaps
SelectObject
CreateFontIndirectA

kernel32

GetThreadLocale
GetLastError
GetCPInfoExW
GetOEMCP
InterlockedIncrement
WriteFile
GetACP
DeleteCriticalSection
InterlockedExchange
UnhandledExceptionFilter
TlsSetValue
FreeEnvironmentStringsA
GetCPInfo
lstrlenW
FreeEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
QueryPerformanceCounter
EnumResourceTypesA
GetLocaleInfoA
LeaveCriticalSection
GetStartupInfoA
HeapSize
GetFileType
RaiseException
MultiByteToWideChar
GetStdHandle
InitializeCriticalSection
EnterCriticalSection
GetCommandLineW
TlsGetValue
GetEnvironmentStringsW
GetVersionExA
GetTickCount
SetHandleCount
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ