37f167d60ee41caea18c899108adcf48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37f167d60ee41caea18c899108adcf48_JaffaCakes118
Size

16KB
MD5

37f167d60ee41caea18c899108adcf48
SHA1

7b173e095f90e155eb9f97752240ca2ec8b39ce1
SHA256

767463bfce01285602e2725d78486c5fe7851d1304c5f078ea50d5ea60f0cba9
SHA512

749d224462ba6a5a6d60aaef96788f9bb9f3464059bcccd52ecc40b1cdb5f24648e511161beb1264254421701d6b6392b193dc509cd242b6f48132b71a182d65
SSDEEP

384:TicoOIKHM7tHLWNEfgvQfg0V702xFjjfPAzpWMOHaSV:ThoLWM7tHL9fgvQfg0zjfPupW9n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f167d60ee41caea18c899108adcf48_JaffaCakes118

Files

37f167d60ee41caea18c899108adcf48_JaffaCakes118
.exe windows:1 windows x86 arch:x86

33474628c7b7faf51e9b6fcb80bfe0ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinW
ExtractIconW
CheckEscapesW
SHLoadInProc
SHFileOperationW
SheFullPathW

user32

CreateDialogParamW
DdeClientTransaction
DdeInitializeW
DdeUninitialize
GetClassLongW

kernel32

GetModuleHandleW
GetStringTypeW
GetThreadLocale
IsBadCodePtr
IsBadReadPtr
LocalHandle

gdi32

Chord
DPtoLP
CreatePen
EnumICMProfilesW
ExcludeClipRect
BitBlt
Arc

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE