32fd7e655f11db1f6d476af2c862199d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32fd7e655f11db1f6d476af2c862199d_JaffaCakes118
Size

229KB
MD5

32fd7e655f11db1f6d476af2c862199d
SHA1

c704db0459c4135c566c3f6e13c6e6c494522cc9
SHA256

2448ddf996285279148239d7de4dcad6a57b985ed50860e4b39439b067b3aeac
SHA512

3ad6282194320577b24c4a9c022fe4670f162a5a7ad296fd38e382ee5135a35526e89d481b030ef3b88dbc87ca87728a877952cba39d752a9002e8891e1461ed
SSDEEP

6144:Ka28rtbtkzxeJXlm/yx4uNbypw7dJWorh1lXtlhIji:Ka28BtAUHxopwWYh7tPIji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32fd7e655f11db1f6d476af2c862199d_JaffaCakes118

Files

32fd7e655f11db1f6d476af2c862199d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2e7228e75e20b843f136741ada0d6fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExW
GetLocaleInfoA
HeapDestroy
CreateWaitableTimerW
SetHandleCount
TlsGetValue
EnumSystemCodePagesA
SetLastError
HeapSize
GetTickCount
WideCharToMultiByte
lstrcmp
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoW
TerminateProcess
GetStdHandle
GetSystemInfo
GetLocaleInfoW
GetCurrentThreadId
SetEnvironmentVariableA
GetCommandLineW
VirtualProtect
GetProcessHeaps
lstrcpy
ExpandEnvironmentStringsW
CompareStringA
MultiByteToWideChar
UnhandledExceptionFilter
GetDateFormatA
GetUserDefaultLCID
HeapCreate
GetCurrentProcessId
GetTempFileNameA
ExitProcess
SetEndOfFile
GetLastError
GetSystemTimeAsFileTime
QueryPerformanceCounter
WriteFile
FreeEnvironmentStringsW
EnterCriticalSection
InterlockedExchange
GetEnvironmentStringsW
TlsAlloc
GetFileType
GetShortPathNameW
LoadLibraryA
HeapReAlloc
VirtualFree
IsValidLocale
GetTimeFormatA
ReleaseSemaphore
GetACP
GetTimeZoneInformation
GetEnvironmentStrings
IsBadWritePtr
LeaveCriticalSection
GetModuleFileNameW
GetDiskFreeSpaceA
GetCurrentThread
InitializeCriticalSection
GetStringTypeA
LCMapStringA
GetCommandLineA
GetExitCodeThread
FlushViewOfFile
WritePrivateProfileStringW
GetVersionExA
EnumCalendarInfoExW
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsA
CompareStringW
VirtualQuery
GetCPInfo
GetOEMCP
GetCurrentProcess
EnumSystemLocalesA
TlsFree
CreateProcessW
VirtualAlloc
HeapFree
TlsSetValue
RtlUnwind
DeleteCriticalSection
GetProcAddress
GetStartupInfoA
IsValidCodePage
HeapAlloc

shell32

ExtractAssociatedIconExA
SHGetDesktopFolder

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2e7228e75e20b843f136741ada0d6fc

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 7KB - Virtual size: 37KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 7KB - Virtual size: 37KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 9KB - Virtual size: 8KB