1937b207730df071f92cb3672a4b1330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1937b207730df071f92cb3672a4b1330_JaffaCakes118
Size

155KB
MD5

1937b207730df071f92cb3672a4b1330
SHA1

3886d92347346d765218900845fee22f87ba9bfc
SHA256

cb9fb6ed7371ba0cb645e6e475ea5795869a13657c80b181546df01536de7495
SHA512

efe2ef40bfd8a4ea27116e37af341215e5fc93b86e30ae5d3069d96bbdcdfdf6fbb1659b875bf12f4a2f8969714ed626fcba93001045c985227ea4381bd3ca2e
SSDEEP

3072:cjOBBC9djr/tDNssS709ubB0+lU9Dyq9CbXZWzUlr4QuVHK9I7PGnDbSnXuLQcSl:cjOBBC9TfpAtHUBnCbXO+r4QuUI7cbSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1937b207730df071f92cb3672a4b1330_JaffaCakes118

Files

1937b207730df071f92cb3672a4b1330_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92e9b8fafc24ba77295c3e7135d7f7fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
CreateMutexW
WriteTapemark
CreateFileW

shell32

SHLoadInProc
DragQueryFileW
ShellAboutA
ShellHookProc

ntdll

LdrFindEntryForAddress
LdrGetDllHandle
KiUserExceptionDispatcher
NtAddBootEntry
NlsAnsiCodePage

comctl32

ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_Write
InitializeFlatSB

Sections

.text
Size: 62KB - Virtual size: 91KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE