37ccfdbebe357171e6a4be7e7760590f_JaffaCakes118 | Triage

Sharing

General

Target

37ccfdbebe357171e6a4be7e7760590f_JaffaCakes118
Size

187KB
MD5

37ccfdbebe357171e6a4be7e7760590f
SHA1

00f44376824fe298c6b3fcc06b46f6dec3898836
SHA256

b877a3697e6559fa0e317a6480dbdd73d955c42f5f80eda1aafa159ccf030c0b
SHA512

e4edbade58d0cf44347238f3daf1512f1fd27c554f3808da4f15b07e3cb7532b2e0bd34c787d251176dd32c9408a75632d37e5aadd957ab4b1b456cc0a94870f
SSDEEP

3072:6Fh4IoSEIj1EGWE6GU9N46AQIKFoRnxLeFZoXNhnUau4R6BCPVybQqx6PCLLMxm:6F6IX1EGphwtWuiLnUauHoNSNLLMxm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37ccfdbebe357171e6a4be7e7760590f_JaffaCakes118

Files

37ccfdbebe357171e6a4be7e7760590f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

066f33e6f8d4d1630501c7223b38492c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetOEMCP
GlobalGetAtomNameA
GetLocaleInfoA
TlsSetValue
IsValidCodePage
WriteConsoleA
HeapSize
VirtualAlloc
SetFilePointer
TlsGetValue
MultiByteToWideChar
EnumResourceNamesA
GetACP
GetDateFormatA
GetTimeFormatA
CreateHardLinkA
GetCPInfo
GetConsoleOutputCP
HeapReAlloc
TlsAlloc
SetStdHandle
RaiseException

occache

FindControlClose

shell32

SHGetFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteExW
SHGetMalloc
ShellExecuteW
DragAcceptFiles
SHGetFileInfoW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetPathFromIDListW
Shell_NotifyIconW

Sections

.text
Size: 91KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ