32637c2ce078b1ac63d886acaa7075a8_JaffaCakes118 | Triage

Sharing

General

Target

32637c2ce078b1ac63d886acaa7075a8_JaffaCakes118
Size

306KB
MD5

32637c2ce078b1ac63d886acaa7075a8
SHA1

bd5baf0ebf542b740936b0fc81a01db085000bf3
SHA256

e2a41cdc104a9978435d2cc8ac0c85a54e31709688e3b9851cbd780f16eb4b1e
SHA512

53e75aa0a7406b6dd6b59cc67a2643386f59ffef08875436f47fcf67c8593b2603c339267b893b13fa1526c077a6c9a3ee16d9f913288752ee83c1013aac3081
SSDEEP

6144:MHuT3JLj/JuqJ9VztR3ZebLfZ/1c7JGPQ7vkbTXc1kX6V:8g3OuVzFeRgkLDX6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32637c2ce078b1ac63d886acaa7075a8_JaffaCakes118

Files

32637c2ce078b1ac63d886acaa7075a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80c681369e68bf354d4ad1498bba1873

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharNextA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleHandleA

advapi32

RegCloseKey

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

SaveDC

shfolder

SHGetFolderPathA

ole32

CoInitialize

comctl32

ImageList_Add

wininet

InternetOpenA

winmm

timeEndPeriod

Sections

.text
Size: 19KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE