b32c73662070fed11c7892e05db3244e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b32c73662070fed11c7892e05db3244e_JaffaCakes118
Size

1.4MB
MD5

b32c73662070fed11c7892e05db3244e
SHA1

6a0f80079f8be23f487e583fc8b7761ad6d0badf
SHA256

d5a67b5e329bfc7105d4d6410b06e0d613e82ab95e38d7fa59ec16289b3e3f35
SHA512

7a476b9fe83b5ca6590ad36af89f14c388b28c07d17f65792b1cd43c771b3491046a3d89e05850a511c1f536ff20d437df120984a5c2e4095029f74b825c73b6
SSDEEP

24576:FQFJweLf5P5n0lLCoQfMNSdoBl7MhCXX7CUsd/hFJDkxNjCmKsG6+dV+V6lWKdGi:FM3Lf5xqLCoWMNCsywn+Jd/hFJwzjC9N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b32c73662070fed11c7892e05db3244e_JaffaCakes118

Files

b32c73662070fed11c7892e05db3244e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38430e15ce791441b8e13a71ccdd04e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

avicap32

capCreateCaptureWindowA

msvfw32

DrawDibDraw

winmm

waveInPrepareHeader

comctl32

ImageList_ReplaceIcon

ws2_32

htons

sensapi

IsNetworkAlive

user32

SetThreadDesktop

gdi32

SetDIBitsToDevice

advapi32

CreateProcessAsUserW

shell32

SHAppBarMessage

ole32

OleInitialize

oleaut32

SysAllocString

iphlpapi

GetAdapterIndex

mpr

WNetEnumResourceW

shlwapi

PathCompactPathW

wininet

HttpSendRequestA

crypt32

CertGetNameStringA

imagehlp

ImageGetCertificateHeader

Sections

.text
Size: 1.4MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE