37a189985cbde9b487894404231ad3a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37a189985cbde9b487894404231ad3a7_JaffaCakes118
Size

115KB
MD5

37a189985cbde9b487894404231ad3a7
SHA1

1e597a634797f03cfdc5fe515088210e971acdf2
SHA256

3bf072a78638222b2e9d63062963e5e0fa8592baae864ba48180bfb077ecb00f
SHA512

c2c89e351d0e1ebdd9fe2f7d1c7030e3a8806ab64b69c1546b2ec232ac8de42c4163633b7653e524db84e8fc567991e9e5848e5d1a1ea11669eb5559645a09de
SSDEEP

3072:Y9JypY34YPn9IgurLx7CG4TD0OgVWbjG62T:myp64yegQc9yV0af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a189985cbde9b487894404231ad3a7_JaffaCakes118

Files

37a189985cbde9b487894404231ad3a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60dee5d01283d3285edadcfee0b9c1ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeUserPhysicalPages
GetConsoleAliasesLengthW
GetVersionExW
GetCommConfig
GetOverlappedResult
OpenFileMappingW
SetFileTime
Thread32Next
ScrollConsoleScreenBufferA
GetCompressedFileSizeA
DisconnectNamedPipe
ReplaceFileW
GetSystemPowerStatus
VerifyVersionInfoW
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE