b32c97a40da0ac9ccc09bde5ba44cc45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b32c97a40da0ac9ccc09bde5ba44cc45_JaffaCakes118
Size

14KB
MD5

b32c97a40da0ac9ccc09bde5ba44cc45
SHA1

42124f0177c6f1b97e68b66809c75b97b42f2ed8
SHA256

7436ea039740b6f6e64391cb2027d88555ba1816f7a921f3e7df64ecf144bf76
SHA512

8196869fb510a96450c87c2ddf2ca4de4e7074ab6f6d2a7752c8703f34265effa805f04e1b8752bef3e306bd3226ecbca9f6aadbc2fb32591dfb1f9c9e35cd59
SSDEEP

192:CTwEyNXMC7oi9W7xdJTEaWygstdt1EixcokQqPo5bdh9VyPRduKDe84YzjhiQi:0wT2tdCaWyg+VvxDkQJ5b39cXVa8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b32c97a40da0ac9ccc09bde5ba44cc45_JaffaCakes118

Files

b32c97a40da0ac9ccc09bde5ba44cc45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b95178628a07cab4b0056df25a9d15cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
lstrcpyA
CreateThread
lstrcmpA
LeaveCriticalSection
WaitForMultipleObjects
EnterCriticalSection
GetTickCount
CreateEventA
InitializeCriticalSection
lstrcmpiA
ReadFile
SetFilePointer
GetFileSize
Sleep
SetEvent
GetModuleFileNameA
CreateFileA
CloseHandle
GetModuleHandleA
ExitProcess

user32

RegisterClassExA
SetWindowTextA
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
EnableWindow
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
PeekMessageA

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasDialA
RasGetErrorStringA
RasEnumDevicesA
RasSetEntryPropertiesA
RasHangUpA
RasEnumConnectionsA
RasGetConnectStatusA

comctl32

ord17

msvcrt

strchr
malloc
atoi
strstr
_strupr
??3@YAXPAX@Z
??2@YAPAXI@Z
free

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ