32ceaf8fa0748789204a622a1eb44d76_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32ceaf8fa0748789204a622a1eb44d76_JaffaCakes118
Size

52KB
MD5

32ceaf8fa0748789204a622a1eb44d76
SHA1

f891e178a784307ea11ded674f6278f784320dc6
SHA256

1691913184472c9ca83605bb72fc4ea2aee369138693f7403cf52fc844f50b98
SHA512

bbb92cf06e3d93a594adb3e0cfb8b4b1508d05424e9ddbb86db05619705a60191dddefab2f9449c09a78c7886be59818f83327200d1d159c580df0cc5a8dc0cb
SSDEEP

768:zFnp76jT4T56XSgotvbFK/JMOJiB9/nJB0LgCNN:zFpen4T5CoNF6v2+cE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32ceaf8fa0748789204a622a1eb44d76_JaffaCakes118

Files

32ceaf8fa0748789204a622a1eb44d76_JaffaCakes118
.dll windows:4 windows x86 arch:x86

98796d4403e8afcbff9252e4231b214c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord519
ord456
ord394
ord360
ord172
ord818
ord304
ord307
ord826
ord823
ord824
ord767
ord825
ord347
ord763
ord415
ord337
ord413
ord119
ord358
ord228
ord229
ord874
ord320
ord322
ord323
ord457
ord500
ord498
ord857
ord502
ord887
ord254
ord523
ord515
ord140
ord558
ord496
ord242
ord236
ord381
ord854
ord506
ord559
ord594
ord416
ord419
ord545
ord546
ord690

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ