37305e27b3a7718ad2472088c02db461_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37305e27b3a7718ad2472088c02db461_JaffaCakes118
Size

22KB
MD5

37305e27b3a7718ad2472088c02db461
SHA1

4a3c2bd424a9b6e90ef5e0743b8971943c02f444
SHA256

c004ad3206f68e48f620c1cb0b453d2efabf95c6edec8d2eb0f377ba7070f81c
SHA512

a1acb75b204ca54b01481de0897cca8497f8147e01e085f49fddf1eadfdd7bd25d10a3b66787daf7db39595e60ba59f6e25f5605994d7ae3be8e1c7919d0ed1f
SSDEEP

384:Y2gCiUxjgtRTsZTcaaB2KjQNq5N4xvqrfZFNeLNek+vDY:uRTsJra1v5GKS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37305e27b3a7718ad2472088c02db461_JaffaCakes118

Files

37305e27b3a7718ad2472088c02db461_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e30003e900b77dfd05f7f84055245196

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

lstrcatA
SetUnhandledExceptionFilter
GetTempPathA
SetErrorMode
CreateFileMappingA
lstrcmpA
MultiByteToWideChar
lstrcpynA
CloseHandle
GetLastError
lstrlenA
GetDriveTypeA
WideCharToMultiByte
MapViewOfFile
UnmapViewOfFile
InterlockedIncrement
lstrcmpW
IsBadCodePtr
lstrcmpiA
CreateFileA
IsDebuggerPresent
ExitProcess
LocalFree
FormatMessageA
ReadFile
VirtualAlloc
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

user32

GetMessageA
GetParent
TranslateMessage
wsprintfA
MessageBoxA
GetWindow

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ