032cab0f613369f349fba2d41de5375b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

032cab0f613369f349fba2d41de5375b_JaffaCakes118
Size

4KB
MD5

032cab0f613369f349fba2d41de5375b
SHA1

dfa6915f7a32120a076aa24fb65c374f48e7f6e5
SHA256

d2746942b63f2d0f4ebeaa02f019bcfcb4c2d26c7a29c378ddf7c09596c302fd
SHA512

47832ababbdfe2a7362824f148f6b9d7a8f2f2229f91ece19bb977b2bf94b3736e4d12901482ed9cc8766034e4711f9cef58454c5e3a5922d13c96edb427fc69
SSDEEP

96:aSy5ht/ZKiKcrhRVqvg8MgzpqZzAYtaiHFqOZyDI7:w5f/zjDBg1qOYtpqOyc7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
032cab0f613369f349fba2d41de5375b_JaffaCakes118

Files

032cab0f613369f349fba2d41de5375b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0e5e9f1975a1717d5265aced9b83837

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
GetLastError
LoadLibraryA
Sleep
GetExitCodeThread
CreateRemoteThread
LoadLibraryW
ReadProcessMemory
GetProcAddress
OpenProcess
GetModuleHandleA
CreateFileA
CreateProcessA
GetCurrentDirectoryA
GetCommandLineA
CreateMutexA
SetLastError
GetVolumeInformationA
HeapAlloc
GetProcessHeap
VirtualFree

user32

wsprintfA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE