32fd84e560294abe1e19aeb4b9f19451_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32fd84e560294abe1e19aeb4b9f19451_JaffaCakes118
Size

60KB
MD5

32fd84e560294abe1e19aeb4b9f19451
SHA1

b9370f778bce22c499d89a4e6eb6957c6624a4e4
SHA256

81950142e34efb7730f24d15bfefbcf1dfd7dec51a95c4d2a8a9f06a5f1eae05
SHA512

72673817e2acc682dfb7511c851c76b41004c6847a7ef2588731230ff2ec01dfac05eb45042441819d1fc26d28158808030ae5ee26af17d48a6988d471780841
SSDEEP

1536:riZMdwEuA4fLfT0pksufq2OFBJPy9cMGGA:rwzAcr0pkreBFig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32fd84e560294abe1e19aeb4b9f19451_JaffaCakes118

Files

32fd84e560294abe1e19aeb4b9f19451_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9160a4e62e29731cedc79e1a4a59b79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapQueryInformation
VirtualLock
GetUserGeoID
GetConsoleFontSize
VirtualQueryEx
LoadLibraryW
GetWindowsDirectoryA
lstrcmpA
DosDateTimeToFileTime
BaseFlushAppcompatCache
FillConsoleOutputAttribute

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE