37aaad44e6829f71f5e9357716303842_JaffaCakes118 | Triage

Sharing

General

Target

37aaad44e6829f71f5e9357716303842_JaffaCakes118
Size

1.7MB
MD5

37aaad44e6829f71f5e9357716303842
SHA1

4b2394042dd1f275f2febd7ddf34461516d7db68
SHA256

05d029a61ac5516c25ae276f1d99aa604e87b0226102b856bca3aadc9a4432b9
SHA512

f7f407b8f2039f7f3304eaafdcad4480e887eb17942223597eb5edb401b3b1803c861ddc417e249791fc5563e08e9b5612132aec91b4e55baf7b3a5795de9cb7
SSDEEP

49152:E3PM1ptaNs1CHegUMVn4tpVtNUUdc+AsQ6krb6+EeN:F2sIHeSnq3tNZdc+AIkrbSeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37aaad44e6829f71f5e9357716303842_JaffaCakes118

Files

37aaad44e6829f71f5e9357716303842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcef4d6dba2cfd07aab18e14dae8f57f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
OutputDebugStringA
SetConsoleCP
CopyFileW
VirtualProtect
ReleaseMutex
UnmapViewOfFile
SetHandleCount
MultiByteToWideChar
SetUnhandledExceptionFilter
WriteFile
GetModuleHandleA
GetProcAddress
GetCommandLineA
Sleep
WritePrivateProfileStringA
IsProcessorFeaturePresent
SetStdHandle
GetOEMCP
ExitProcess
GetStartupInfoA
GetACP
SetLastError
GetCurrentProcessId
GetVersion

user32

SetWindowPos
SetRect
GetMessageTime
IntersectRect
GetMenuState
GetWindowLongW
GetScrollInfo
SendMessageA
SetForegroundWindow
GetSysColorBrush
SetScrollPos
BeginPaint
GetTopWindow
SetWindowRgn

gdi32

StretchBlt
CreateFontIndirectW
DeleteObject

advapi32

EqualSid
DeregisterEventSource
RegCloseKey

msvcrt

??3@YAXPAX@Z

Sections

.text
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE