32cab32c177a98ea56098b16b3713724_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32cab32c177a98ea56098b16b3713724_JaffaCakes118
Size

103KB
MD5

32cab32c177a98ea56098b16b3713724
SHA1

a438e8c5a5ea5eb1461621fb3308823adcc7d9ca
SHA256

2672f43595ffb9af352051070546660ddd224656b9deea8f561613100d90adc3
SHA512

79183202ea8f5ae017d2ff78cec14e955974bfa90861fb83fdb3569f5521ebde29230e09dd3525d6d4a4fbdafc1783a73ea2fffef3383f142ec2edcda9677ec6
SSDEEP

1536:77yGq8pSUWxG4KhZYBaRReCIMJpMnDr9f+g0PSXIS39l0bFwgiqXM59BR2y:7E8pSUM9oS8RY+pMnNfOSXISjgXM59/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32cab32c177a98ea56098b16b3713724_JaffaCakes118

Files

32cab32c177a98ea56098b16b3713724_JaffaCakes118
.exe windows:5 windows x86 arch:x86

77c598962bc958860f3e7597c0399ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\oOaaX\XWyBota\yqkwcr\saqgmgS\xwwojl.pdb

Imports

gdi32

SetBitmapBits
RoundRect
CreateCompatibleBitmap
SetMapMode
LineTo
GetTextCharsetInfo
GetPaletteEntries
GetDeviceCaps

kernel32

LoadLibraryExA
CreateWaitableTimerA
GetConsoleOutputCP
GetPriorityClass
LocalReAlloc
lstrcpyA
GetOverlappedResult
CloseHandle
lstrcmpiW
GetCommState
SetConsoleScreenBufferSize
GetVersion
lstrlenA
CancelIo
LocalSize

user32

GetWindow
GetCaretPos
DestroyAcceleratorTable
SetSysColors
FindWindowExA
IsCharAlphaA
GetCaretBlinkTime
CharNextW
UpdateWindow
SetWindowTextA
IntersectRect
IsIconic

comctl32

ImageList_GetIcon
CreatePropertySheetPageA
ImageList_Remove
ImageList_AddMasked

Exports

Exports

?SfEGJibsqxo@@YGHPADPAG@Z
?owDjahyoucdnEsrzb@@YGIDK@Z
?xPgXjQsvo@@YGHM@Z
?jjrsAmPwwMbknuta@@YGNK@Z
?btozmkEmzfmd@@YGIEF@Z
?bdqkPtd@@YGJD@Z

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ