37678e2be57ed1bc687026d786da5e0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37678e2be57ed1bc687026d786da5e0e_JaffaCakes118
Size

54KB
MD5

37678e2be57ed1bc687026d786da5e0e
SHA1

cedf60f3771f625b15c0bf929549c6accb439fef
SHA256

a9087b62f65a73245c0da1b501a5065d8aaf3fbb2cc10e74d886cfad1cd0f29c
SHA512

162ab2a32b3a3eebfb74a2ca85c703bec4f1d090b5559c8871a2335ec66ef3c826e0b1db9908f01fd5823e54ec3845400e074193829af47619f9c23a36cb7056
SSDEEP

1536:+jDcTNk42HnuJynf3oGVFh2vpKQnSL3ctbWxO9:0bBnf3oGZ2hKzAhYO9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37678e2be57ed1bc687026d786da5e0e_JaffaCakes118

Files

37678e2be57ed1bc687026d786da5e0e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a9e47221712854134ef892fdc47d9b42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetProcessDefaultLayout

shlwapi

StrStrA

kernel32

IsDBCSLeadByte

Exports

Exports

AssictCopL
?IsFailedLow@@YG_JU_FORMFACTOR@@U_PROGRESS_INVOKE_CMP@@IL
?LoginConnect@@YG_JU_FORMFACTOR@@U_PROGRESS_INVOKE_CMP@@IL

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.write
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.int
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ