032ea26165f8a25bb3e9de75ea745fce_JaffaCakes118 | Triage

Sharing

General

Target

032ea26165f8a25bb3e9de75ea745fce_JaffaCakes118
Size

788KB
MD5

032ea26165f8a25bb3e9de75ea745fce
SHA1

73709d8bbee64ce2c3b65f3e8042fe78b4133897
SHA256

6f463f2a7ce2a7c1dc8feb8446f173b1fe2e975c928b578a8611efd2ef948f4b
SHA512

2550a01ef5cd2c66ea5ef24afb27a2a2b33fdbd5ff52ba392dcba8db536419d802b2fdd1328312608cda21af1e4b4b21e1cde67a3156b0e6a1e2e23e1a3cd6b0
SSDEEP

24576:pAWbSS4pjdxPU5uUCDZELVGxOEMFujdfyvFUX:pDSSDUUcZYVlOZ4UX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
032ea26165f8a25bb3e9de75ea745fce_JaffaCakes118

Files

032ea26165f8a25bb3e9de75ea745fce_JaffaCakes118
.exe windows:0 windows x86 arch:x86

4bda570ce112adc211f3bd7fa6b82f33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
GetProcAddress
VirtualProtect

msvcrt

malloc

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW0
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW1
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QW2
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaohui
Size: 6B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ