3232b624bfbd3b17529878c0559508e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3232b624bfbd3b17529878c0559508e9_JaffaCakes118
Size

18KB
MD5

3232b624bfbd3b17529878c0559508e9
SHA1

691725ea72379f9d3418bced683585222a709cfc
SHA256

cdfdd0572ea2ce7c3902989f6a36804c58bdd89353c17c61ee263271a97edf99
SHA512

289e8d4a590b7e85c92d213b21dd7ede5837e27f4f8cb1bd4c28ff010cdc284c8d6713a48424b75414ab5388789545d3ba7d6a88a2fa20c6fa27d1788fd80c95
SSDEEP

384:OB9loWmqnvSRgpOCBviBseTRmqRA5i9Sh8eChhhh5QlQOKWO8KBxo:b2KQOCBKBseTgqO5i9ShTChhhh58Qjfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3232b624bfbd3b17529878c0559508e9_JaffaCakes118

Files

3232b624bfbd3b17529878c0559508e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7193ea2c5f19ba1f365d34552da5894a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetCurrentProcessId
GetLogicalDrives
GetStdHandle
GetCommConfig
GetEnvironmentStringsA
CreateHardLinkA
WaitForSingleObject
GetACP
GetTimeFormatA
HeapCreate
DeleteAtom
HeapDestroy
GetProcessVersion
IsDebuggerPresent
CreateFileMappingA
GetCurrentThread
InterlockedExchange
GetTapeStatus
LoadLibraryExA

user32

GetDlgItem
GetParent
ReleaseDC
FrameRect
wsprintfA
GetWindowTextLengthA
ShowWindow
GetClassNameA
EndPaint
FillRect
DragDetect
BeginPaint
GetTitleBarInfo
GetWindow
DrawTextA
GetFocus
SetActiveWindow
GetCursorPos
SetForegroundWindow

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey
RegFlushKey
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ