32cda987de668ea311d7fb879783aa9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32cda987de668ea311d7fb879783aa9d_JaffaCakes118
Size

588KB
MD5

32cda987de668ea311d7fb879783aa9d
SHA1

98e384d2e43ab7a2078f1cde945c3402bf4ac46b
SHA256

b8ff86c1ede3b4911baa915c2350b2fff98ba8b23cf599fe2d0f3f3c76889e31
SHA512

97d25ed98a4450a7d1194ef303d7bef3f85b1f039e37ae16f93e6c1ab7c1f05b1fac8a7ee1ba67919748ea192f8fadd9bde13e34d2d6abdce286c618cd1fe2e7
SSDEEP

12288:urE/iS0rUJ5V3qW+aGJXyN/H4yecvWUGKIxuLau8JBHb:ucijUnV3J+dI/HqtdBHb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32cda987de668ea311d7fb879783aa9d_JaffaCakes118

Files

32cda987de668ea311d7fb879783aa9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ngjkec0n
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

8dna8y5p
Size: 358KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r7328zo8
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ