432bd4a42861c5c1f49e045e684dce2f_JaffaCakes118 | Triage

Sharing

General

Target

432bd4a42861c5c1f49e045e684dce2f_JaffaCakes118
Size

40KB
MD5

432bd4a42861c5c1f49e045e684dce2f
SHA1

de8522c4ba05a3adbff2741865adbcbb4efbf20b
SHA256

7d72f7d4f6eb99a764e07b7be4676de53b8766ca53f2f4301aac840374a6f63c
SHA512

aba7b1930d6bd23a7e72d2d0cf64e3f2c02792b8c0cfd294630ba7c6c7dc6f00e78b0dd8e47804eec33470c3fb48c28b3df78dc9ba8b8eafbc7d4676393036d3
SSDEEP

768:KU1fk4A6UJ7VcYpS9FmS5IQZNxJQA82SiS1JDgW:ThA/BVrS9FmS5V5uA8TT11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
432bd4a42861c5c1f49e045e684dce2f_JaffaCakes118

Files

432bd4a42861c5c1f49e045e684dce2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fc0bbb6dd517e8c07111f1f7793710e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
DeleteFileA

user32

CopyRect
GetCursor
LoadMenuA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 54KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 331B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 199B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ