37209a4638d21ebf0040e3d366f37305_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37209a4638d21ebf0040e3d366f37305_JaffaCakes118
Size

3KB
MD5

37209a4638d21ebf0040e3d366f37305
SHA1

3135879724bb12836dbdd7d0e5f60ba7d9686deb
SHA256

68a9a17b092fbc7dea19b52561ecd02a36211f928bfe882e221b1f50b74f1142
SHA512

32c6f7efeb44a753b28342fb6ca975fcefa9798881f61af4ee62fbfaa5e94d1685af2239a0cbcb4586cfe51bfcbd36ad0f0571837290006be577a7c16d885075

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37209a4638d21ebf0040e3d366f37305_JaffaCakes118

Files

37209a4638d21ebf0040e3d366f37305_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01a690afe78b22db97d051087f478155

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
FindWindowA

kernel32

GetWindowsDirectoryA
LoadLibraryA
lstrcatA
WriteProcessMemory
CloseHandle
CreateRemoteThread
ExitProcess
GetProcAddress
OpenProcess
TerminateProcess
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WinExec

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 379B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE