32b9747ae90cf74f89d9c2e1ed6776ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32b9747ae90cf74f89d9c2e1ed6776ee_JaffaCakes118
Size

25KB
MD5

32b9747ae90cf74f89d9c2e1ed6776ee
SHA1

37683b605444b723ab873f9e93ed04884f4432ee
SHA256

ba1f38381d8fd05999dd0d4a17a5f1503199acb35c61aa390f3f31a2bd1f2323
SHA512

5cb923bd77fa8638e7be68bc08d7b18a916de94673cc22eadd00434dd7c69446a60d38c5f62eb001992749fc537e18279f0b0a215f28cf9f0591395f248a61ae
SSDEEP

192:SmfVi2wZnnGj4HAhxc39dksMtcftBP4616tToNIGM71atN8Vr6sq:SmfVi20nGmd9Qt+Ws6roD8VWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32b9747ae90cf74f89d9c2e1ed6776ee_JaffaCakes118

Files

32b9747ae90cf74f89d9c2e1ed6776ee_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c0fbab2f0f750b96c78704dc1d289c64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetProcessAffinityMask
ResetEvent
GetSystemDirectoryW
TlsSetValue
GetCurrentDirectoryW
FindClose
SetHandleCount
GetFileAttributesA
HeapAlloc
HeapCreate
GetStartupInfoA
RaiseException
LeaveCriticalSection
GetModuleHandleA
SetThreadAffinityMask
CreateToolhelp32Snapshot
TlsFree
VirtualFree

msvcrt

_wutime64
_controlfp
_adjust_fdiv
_wrmdir
_initterm
_mbscmp
_acmdln
_except_handler3
__setusermatherr
__set_app_type
exit
_mbbtype
__p__fmode
memcpy
_strnicoll
fgetws
_strtoui64
_exit
_XcptFilter
__p__commode
atan
__getmainargs
putchar

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ