32b03b63b3353546eb53729d486ee441_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32b03b63b3353546eb53729d486ee441_JaffaCakes118
Size

175KB
MD5

32b03b63b3353546eb53729d486ee441
SHA1

dd43398d4cf2e3285ee307bbee43d2e6b3bab4b1
SHA256

b630d5c09aecbc79d7114a53ae6aabbbb85d921911a49449e16b0c5c3972a2d3
SHA512

3a409718277c130f1a6eada3dfa7e665c088fea8ee32e039756f4f5447e6cef4d757124153d863b1406c474313021b51acb343d081fc6a85f967e55b20e45824
SSDEEP

3072:D+dpnLS+Br5DSinD4FSRlfzZWO8yuQRX33S3bk4HijHieImZO:DqdLVZz4FuVWO7/HSruieZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32b03b63b3353546eb53729d486ee441_JaffaCakes118

Files

32b03b63b3353546eb53729d486ee441_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7740b03fcade81fe32918c2dee3da972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadResource
FreeLibrary
GetNextVDMCommand
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
SetThreadPriority
SetEnvironmentVariableW
GetStringTypeW
GetLocalTime
SetCurrentDirectoryW
SystemTimeToFileTime
EnumResourceNamesW
CompareStringA
FindResourceW
RegisterWaitForSingleObject
FileTimeToLocalFileTime
GetShortPathNameW
LocalFileTimeToFileTime
FindClose
SetErrorMode
SearchPathW

user32

ReleaseCapture
ValidateRect
ValidateRgn
GetWindowInfo
SetCapture
ExcludeUpdateRgn
GetCapture
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ