37b4edeed00018bb24bbd8b16ec3d949_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37b4edeed00018bb24bbd8b16ec3d949_JaffaCakes118
Size

20KB
MD5

37b4edeed00018bb24bbd8b16ec3d949
SHA1

36dec613b537c6a5b756f02962f58efba65a5b9e
SHA256

7361bd9c7e231704900aac855b68fd1f329ddd5660b95acc11284240b3ff635e
SHA512

5bf456266419941a78a5d5b3732e32fdb5019abf2f1b21699fe8ae3bdac80a734651d03d9bf4bde3dded12b821da460259db0f20cb107d0ac0a46ae62d901ac8
SSDEEP

96:CnZ9eK8G0mBLnwH/K6AV0VkLFWj6bPU3YrsVwSKcjr7ycM65TNXl70RNRQ8RcZ5B:qsK8G0MnwBkS6DmmAKc/7ycMKtWRLQVB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b4edeed00018bb24bbd8b16ec3d949_JaffaCakes118

Files

37b4edeed00018bb24bbd8b16ec3d949_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e2fe3aba420baa13b76e5f0c0780ded

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
WaitForSingleObject
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
GetTempFileNameA
GetTempPathA
DeleteFileA
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
WriteFile
SetFileAttributesA
GetEnvironmentVariableA

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE