32078366f1bab63733ec01341ed7540b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32078366f1bab63733ec01341ed7540b_JaffaCakes118
Size

165KB
MD5

32078366f1bab63733ec01341ed7540b
SHA1

0926e6dd1738760d27a457470b7817af5979014c
SHA256

e7d3ca7d34abb15509d2afd728cd9856e3b494ff2dd68aeb37411f20fc2beabe
SHA512

eb69885a7e5b65c3bf82fa62e4e7d971548f42f99cfc64e4e432f17260df21d238e3bf4d859927d477bb4aadcee0b0bd4bc0f7619c08d18ae9a0b26004ef8ac5
SSDEEP

3072:EtXf4HHH5K7C0+otwGLMfbMaFc5vWXdWpt+ByGb0IltYKyGWM:GXf4HHHFNotnMj1MOXdWb+BDrMKyGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32078366f1bab63733ec01341ed7540b_JaffaCakes118

Files

32078366f1bab63733ec01341ed7540b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be503a85c5a72576284b9c49b0ced380

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
SetConsoleCP
HeapCreate
GetPriorityClass
RaiseException
GlobalFree
GlobalDeleteAtom
GetTimeFormatA
GetLastError
GlobalAddAtomA
VirtualProtect
LoadLibraryExA
SizeofResource
EnterCriticalSection
CloseHandle
GetACP
GetStdHandle
MultiByteToWideChar
GlobalUnlock
LockResource
Sleep

user32

GetMenuItemInfoA
GetWindowTextA
AnyPopup
GetWindow
GetClassNameA
GetForegroundWindow
DrawEdge
EndPaint
GetCursorPos
ReleaseDC
ShowWindow
BeginPaint
DrawMenuBar
ValidateRect
GetParent
GetActiveWindow
GetClassInfoExA
IsIconic
GetFocus

mprapi

MprAdminUserOpen
MprAdminUserRead
MprAdminUserGetInfo
MprAdminUserWrite
MprAdminUserClose

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ