37bde67e3bd6b3fd42e0cfb6c6d44f54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37bde67e3bd6b3fd42e0cfb6c6d44f54_JaffaCakes118
Size

19KB
MD5

37bde67e3bd6b3fd42e0cfb6c6d44f54
SHA1

5241a7773ef0f2595497e1fcd43f95d190631582
SHA256

12dd4bc4d985760eb6eadcc6a079906cc0c9542d0534b06161af4fefedd9f5ca
SHA512

eff485c4e8f2b84ec0d22bca30431dfd19bc7009d89e0a046587703596676c41fcaac706d81ea3e4a74d5283099eaa535bad3d6c4dd614a2bd1e3ace1fb35972
SSDEEP

384:iNuDXP9Qe77c7RkHEo/fb6baPhvuTJE+yndeqaoEECJYb6Oj/IwN:n7oQV/zZtut/y0CEEvGTi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37bde67e3bd6b3fd42e0cfb6c6d44f54_JaffaCakes118

Files

37bde67e3bd6b3fd42e0cfb6c6d44f54_JaffaCakes118
.exe windows:1 windows x86 arch:x86

855f6373b7aba910869c9efb7fd75edf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetFileTime
Sleep
VirtualAlloc
WinExec
WriteFile

user32

PeekMessageA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

imagehlp

CheckSumMappedFile
ImageLoad
ImageUnload

iphlpapi

GetAdaptersInfo

ntdll

ZwQuerySystemInformation

sfc

ord5

Sections

.flat
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ