32348baa7e35b75de7c149552cc7ecb3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32348baa7e35b75de7c149552cc7ecb3_JaffaCakes118
Size

799KB
MD5

32348baa7e35b75de7c149552cc7ecb3
SHA1

29fdbaf56c5b7979ff9ac747f408c7afcd17a6a6
SHA256

26f51b117f3bcbb3aa5162ed8cbdaec345541d6fa90ca5c174fd9fedb4cbf3a0
SHA512

a5d9c7c9a96490388f6fbfb32b1aea69a6d3471414e594d39d781a1eae8bf639683dea884a3c16819be976bfc8eb001ed4c7ef9d4b7b6cc6db47a44d73da64e8
SSDEEP

24576:88TTYrcdaVculiB5OYdf7Pz4acaqcacvvEBwzNr1eHA:BTYAy1DYdfTz4acaqcacnEB2r0HA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32348baa7e35b75de7c149552cc7ecb3_JaffaCakes118

Files

32348baa7e35b75de7c149552cc7ecb3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4766ef9d97bffed9a0fbcd3da1f4721

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CreateFileA
CloseHandle
LCMapStringA
LoadLibraryA
ExitProcess

user32

CharLowerBuffA
CreateWindowExA
CloseWindow
SetWindowLongA
wsprintfA

advapi32

RegDeleteKeyA
RegQueryValueA
RegSetValueA
RegEnumValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyA
RegCloseKey

Sections

.text
Size: 512KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ