937f74aaf848b613a95f1daaffb55c38_JaffaCakes118 | Triage

Sharing

General

Target

937f74aaf848b613a95f1daaffb55c38_JaffaCakes118
Size

36KB
MD5

937f74aaf848b613a95f1daaffb55c38
SHA1

aad26094cad1e86b146ebff1f39c5cf67bc49471
SHA256

14a79726b957d577e8a2e387bda5e64c4998dc4827e9da2a1ee93677777acb00
SHA512

86c57143e0be72f4f4db5c8b11803ad4b6026880a4489301fada1edc71f110223a18db67489f66fd21583754d5dea643f39ebfa745c77438da9697aa28c3c6ff
SSDEEP

768:+9Et6YzvOMG9cD/FYhU6vauo1+fAs7Ddg4RoBMZevZw/xfy:+Y6CJ5Ia7F4Ro3W/hy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
937f74aaf848b613a95f1daaffb55c38_JaffaCakes118

Files

937f74aaf848b613a95f1daaffb55c38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2ad78181feed418dff29565b30d6450

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

SetBkMode

shell32

ShellExecuteA

advapi32

RegEnumKeyA

comctl32

ord17

ole32

CoTaskMemFree

version

VerQueryValueA

Sections

.MPRESS1
Size: 16KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS1
.MPRESS2
.rsrc/0/version.txt
.rsrc/1033/GROUP_ICON/103
.rsrc/1033/ICON/1.ico
.rsrc/1033/ICON/2.ico
.rsrc/1033/ICON/3.ico
.rsrc/1033/ICON/4.ico
.rsrc/1033/ICON/5.ico
.rsrc/1033/ICON/6.ico
.rsrc/1033/ICON/7.ico
.rsrc/1033/MANIFEST/1
.xml