37b3985d897681bb757b3a2de3b2eac6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37b3985d897681bb757b3a2de3b2eac6_JaffaCakes118
Size

8KB
MD5

37b3985d897681bb757b3a2de3b2eac6
SHA1

de6c424140b991b607298a051adf598c55abfd16
SHA256

0baab5df9388ace1b52eff9758facd1e30d5409846c985e46f693bfa1a91c072
SHA512

40c6f07d6cebf884e161f4258c1c99f7e27812c81e3668d62fd3f4c1be6e2fdd72173f0c792a62f81a2776cc6d57580bbd69313bc80fa0c688b6b8ff22a50adc
SSDEEP

96:6PGqi0DMi29lQuYQrt5FtuiRV0EyzF+GXI:6O02dY23ffXEF+cI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b3985d897681bb757b3a2de3b2eac6_JaffaCakes118

Files

37b3985d897681bb757b3a2de3b2eac6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e230b757ceea2f68a5129fd43736b615

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
LoadLibraryExW
ResetEvent
VirtualProtectEx
SetLastError
Heap32First
lstrlenA
GetConsoleTitleA
GetModuleHandleA
IsBadStringPtrA
FreeConsole
GetStdHandle
IsBadReadPtr
GetDiskFreeSpaceExA
CloseHandle
LocalFree
EnumResourceTypesW
GetLastError
CancelIo
IsDebuggerPresent

user32

CreateWindowExA
EnumWindows
GetMessageA
GetKeyState
GetParent
EndDialog
DialogBoxParamA
GetDlgItemTextA
IsIconic
GetMessageA
CloseWindow
GetDlgItemInt
CopyImage
MessageBoxA

setupapi

MyRealloc
MyMalloc
IsUserAdmin
SetupCloseLog
MyFree

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ