Static task: static1
Behavioral task: behavioral1
Sample: 37b5ea7f9e018d6bb9981c5c0cecbdcf_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 37b5ea7f9e018d6bb9981c5c0cecbdcf_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 37b5ea7f9e018d6bb9981c5c0cecbdcf_JaffaCakes118
Size: 120KB
MD5: 37b5ea7f9e018d6bb9981c5c0cecbdcf
SHA1: 57a46133d4ca1bb13ebce65d4ca905c9f72afbc0
SHA256: 06b31728d7d561958bb1fc38b6ef3cd45419b29e07f453193970edce7d796d7a
SHA512: 429ffd65f85f2a95c03c1391b2c1ba68a72a3521cc239352b4342beaf33164ff1c7fabaa57f44ebdd4007b1d90a012226b64f750a93692768245d400d91cb5c5
SSDEEP: 3072:qqZ3oerdgaZdkcBG223SonQyh0/TGEFPnypakVcHy/V:qqjrdgia3uypRVp/V
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 37b5ea7f9e018d6bb9981c5c0cecbdcf_JaffaCakes118
Files
37b5ea7f9e018d6bb9981c5c0cecbdcf_JaffaCakes118.exe windows:5 windows x86 arch:x86
323230384f4db20befec6c56b61afd8e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
VirtualFree
GetModuleHandleA
GetModuleHandleA
GetCurrentProcessId
LocalAlloc
LocalFree
user32
DestroyWindow
PostMessageW
DestroyWindow
DefWindowProcW
CreateWindowExW
GetSystemMetrics
GetMessageW
GetSystemMetrics
gdi32
MoveToEx
GetDeviceCaps
MoveToEx
CreateCompatibleDC
GetStockObject
CreateCompatibleBitmap
SetTextColor
LineTo
BitBlt
ntdll
NtAllocateVirtualMemory
Sections
.data Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ