37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118
Size

60KB
MD5

37a9760aaa2ecd7a0c2099d43c6ef7d0
SHA1

e36daa49e1e9183d7cdb4c7d9c48f080aceb35bd
SHA256

f6fb4ec4e063e68110669a958ef709aa1f28567a8163b3f0105e31892b983081
SHA512

56603b8b4457f7ad135e616d926541e5aed4ec6bab2cfac21883b74c6e80f962186cd504aa57166b727110eb6249f167939b74057484e1a7ff7877811b9b9e84
SSDEEP

1536:M1WfWnSpSOEcvcBB18IKQ5pOsRyKFD1MFH:8WfyYSOhESbQisQKFD10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118

Files

37a9760aaa2ecd7a0c2099d43c6ef7d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8735d32cb361971bdf93bfb4e7c4841b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
lstrlenA
GetTempPathA
lstrcpyA
GetTickCount
GetVersion
GetLocalTime
CloseHandle
WriteFile
GetLastError
CreateFileA
FindAtomA
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

wsprintfA
GetWindowRect
EqualRect
IsWindowVisible
GetCaretPos
ClientToScreen
GetFocus
InflateRect
GetCursorPos

shlwapi

SHGetValueA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE