37ae8e946d68dfdde4633cc8aa953d1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37ae8e946d68dfdde4633cc8aa953d1d_JaffaCakes118
Size

150KB
MD5

37ae8e946d68dfdde4633cc8aa953d1d
SHA1

9f7f07c216611be9715e522dae50e386b143a9be
SHA256

2c8b660b1c5cf27ce0992a03e17f467199f5f3090fe6c360b0478847892b495b
SHA512

b4ef74e710ad6c9e1b3ade0cd7dfb2d9ca0b18b4b7b2c5c961ceff544afa524297c206d48b9e366204858f35ed88622b6dc3ab8c608b072dd5ebdcaefdf795f2
SSDEEP

3072:46dOz20RDKC64CKL4ydHUYgr5RufpYRYVJt:1dKleC64L4yd0Y+byiREJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37ae8e946d68dfdde4633cc8aa953d1d_JaffaCakes118

Files

37ae8e946d68dfdde4633cc8aa953d1d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b0c6888d8cbba0cd129f6193d55ed9cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegSetValueExA
RegDeleteValueA

ntdll

strstr
wcsstr

kernel32

VirtualAlloc
lstrcpyW
lstrcatA
lstrcpyA

ole32

CoCreateGuid

user32

CharLowerW

Sections

.data
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE