37cfb72a9a6a8502785b2f6e82d48585_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37cfb72a9a6a8502785b2f6e82d48585_JaffaCakes118
Size

115KB
MD5

37cfb72a9a6a8502785b2f6e82d48585
SHA1

185dafb2ff5a87e9bc21d06fd06c1f36a0015af7
SHA256

53c4a30a2b56b3168074c3808f867677125288d6d38b86588006beefaa27121a
SHA512

9827f643792f924881e27ed5351d479b1d776862d83880dbe3f4b129d83869b479d0dfa3b2d1445d4f78af96543cc1af947bff6e9bb458ea221edef272be4714
SSDEEP

1536:DDtfMvgunwrZibI7M7vOGBOUrgzuSlqUkM8JpVHomd0w5NkOyS5uVZpCab:V62kbIY7WGBOlx8lHomZmS8VZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37cfb72a9a6a8502785b2f6e82d48585_JaffaCakes118

Files

37cfb72a9a6a8502785b2f6e82d48585_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2afdcf11cf963ecc7740e000c11ed050

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
RemoveDirectoryA
lstrcmpA
VirtualFree
Sleep
ExitProcess

user32

CharNextA

Sections

.text
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Cjyhnirj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Obfgm. U
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Cokiyled
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ