37107c63951126ed771df4ff8d8bf177_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37107c63951126ed771df4ff8d8bf177_JaffaCakes118
Size

816KB
MD5

37107c63951126ed771df4ff8d8bf177
SHA1

23ad6160b296d29113326a33fe0b2ab4d5396460
SHA256

64268e807ba1e693b74efd4911bd9b40c619ad240d79638bcbaab953ffd94ea4
SHA512

4f2d339b559061e11eaeccafeba3eae43f3d2ff6a3d2b877dce7c3748baccb711d863599b2823b875acb17090abd47cbf210beec1aee31ea3208898971d451e2
SSDEEP

24576:4BqJPPqCGz69dgGqpNjACI3oKm1L44/+uD+JJ1eISnk:4osCGz69SGqzDuo1x4KTD+JPvSk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37107c63951126ed771df4ff8d8bf177_JaffaCakes118

Files

37107c63951126ed771df4ff8d8bf177_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbf2f45a2f21eb1a89c6d8a82db3a754

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetCurrentDirectoryW
GetLastError
GetLastError
GetLastError
MoveFileA
VirtualProtect
GetConsoleTitleA
GetLastError
CreateMutexA
GetVolumeInformationW
GetLastError
CreateSemaphoreA
lstrlenW
GetLastError
GetFileType
GetLastError

objsel

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.odata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.Data
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE