32c1e7c56fc711fd9abf102615e48a47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32c1e7c56fc711fd9abf102615e48a47_JaffaCakes118
Size

175KB
MD5

32c1e7c56fc711fd9abf102615e48a47
SHA1

ac29364c79fb922aaa2549ceaedcbf3dedd4ce22
SHA256

c55b71e4fc97147e38e12a06f857d4b8da83d5ab9c194e711e5e86888f958d43
SHA512

72ba1a2f16080aa94b0e33cc12834be6e4c030919003bb15fa01122c4b85303aa6af9b345ea6f5ed6c4e1ef97af043c69f2a76108e73363499c9961f8c373988
SSDEEP

3072:UZeMXBfPEXaCrNUeJ9Y1Abo2zgoAF7PStuJ2VNhCWtq/1WK90/0Z+dBZ1wPNjC2P:OPXBXEXaCr6emq7EBStuJ2VuK1/0Z+3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32c1e7c56fc711fd9abf102615e48a47_JaffaCakes118

Files

32c1e7c56fc711fd9abf102615e48a47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

571bfeb3d265a9b44d6d18d47a9778bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SetTimer
KillTimer
TranslateMessage
DispatchMessageW
SendMessageW
CharUpperW
GetMessageW
GetDC
PostThreadMessageW
CharNextW
wsprintfW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoRegisterClassObject
CoInitialize
CoCreateInstance
CoRevokeClassObject
CoTaskMemAlloc
StringFromCLSID

kernel32

OutputDebugStringW
lstrcpyA
LockResource
MultiByteToWideChar
GetLastError
CheckRemoteDebuggerPresent
GetCPInfo
WideCharToMultiByte
EnumResourceNamesA
GetTickCount
lstrlenW
GetACP
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiW
lstrcpyA
GlobalFree
FindClose
lstrcpyW
GetModuleHandleW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ