32445805a620f1ddf357acdaa9e845da_JaffaCakes118 | Triage

Sharing

General

Target

32445805a620f1ddf357acdaa9e845da_JaffaCakes118
Size

96KB
MD5

32445805a620f1ddf357acdaa9e845da
SHA1

a74f1cf50b6c54830e56726ad49cd90ff18b668f
SHA256

c5e168f4fe53c3d2a32d3a0cba378582012783347dd85c2dabb43d8644f8b033
SHA512

9cdbd1e399a84048962b16bcbbc04381c9dac8984b88f05fe20f58baa550d32e8ead56fe85f40d09aee4860099d18f8b670e480e8a80b2c55cca497731b3072f
SSDEEP

768:3C0/c7B5nO4rGQzTGfqc33emu4v/eo4z7VP7LdGSu2HyTAzfMgTAzfM0CA:3C0XQhd54v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32445805a620f1ddf357acdaa9e845da_JaffaCakes118

Files

32445805a620f1ddf357acdaa9e845da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab10e62cbd44b02571382089244b857e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

user32

MessageBoxA
CharUpperA

msvcrt

__p__fmode
__p__commode
_except_handler3
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strstr
strchr
strrchr
strlen
toupper
fprintf
strcat
strcpy
memset
fopen
fclose
strcmp
__set_app_type

kernel32

GetStartupInfoA
SetCurrentDirectoryA
CreateProcessA
CreateFileA
GetFileTime
SetFileTime
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
GetWindowsDirectoryA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
DeleteFileA
SetSystemTime
Sleep
GetModuleHandleA
GetSystemTime
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ