37249f039a3209f5acbb5faebbe1e7af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37249f039a3209f5acbb5faebbe1e7af_JaffaCakes118
Size

183KB
MD5

37249f039a3209f5acbb5faebbe1e7af
SHA1

60a518c046d402fd2443e38a8a785c874cd5c6ac
SHA256

13e5c3bcf2e68f05cd1eb11c835b34df28e2e79369da2ba8f184f422736e7460
SHA512

108d6d5d53de196fdcbc5b5a6d1f941fd0efe3cff53a1bd0c475c23764f55f71335581fd8000d6942c3177b4c43d2ff2b6ebdbf51aada24c6386a1a263f6d04e
SSDEEP

3072:CO6J0Spo4Yaqw4X32VhcoDgm9AzjGXeHtp30dwhEdrhovhQwzfC8hXW/kAMsR:COCt/YzLXiheFziXstt/E7o2wzfC8hXQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37249f039a3209f5acbb5faebbe1e7af_JaffaCakes118

Files

37249f039a3209f5acbb5faebbe1e7af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

950ef25e675e8d3f6080f0b18e1beff5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCurrentProcessId
VirtualFree
GetVersion
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Aghmismv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Qopstwih
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Tgjtgb W
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ