37e4a02f4626c300bb266a6942317406_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37e4a02f4626c300bb266a6942317406_JaffaCakes118
Size

38KB
MD5

37e4a02f4626c300bb266a6942317406
SHA1

05a5618f8d92c159dc034d6f09ed413bb01da3df
SHA256

df7f57ab66a927fd3907a05cbff6fe7ccd2a76258a39cdfad4d6bf94587f3d33
SHA512

378e6f3082ece8762a98da775da782db89ad0be8df999c643ab45775f12525bfa30d9b7b137fcb9748f20cd7165048cca4bb289b7aa75393f844e9702dd9bc1d
SSDEEP

768:OwVSmA0j53baftO1EiYKdEedsi/QdrqU5l2ArqMt/Up8t/qQ2jJ:OmqtaEArsZVqU5l2AuM/87Q2jJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e4a02f4626c300bb266a6942317406_JaffaCakes118

Files

37e4a02f4626c300bb266a6942317406_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e78697114365727791151f6240fa046

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetExitCodeProcess
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GlobalUnlock
InterlockedCompareExchange
IsDebuggerPresent
LoadLibraryA
LocalFileTimeToFileTime
QueryPerformanceCounter
SetThreadLocale
TlsFree
VirtualAlloc
VirtualFree

user32

BeginPaint
CharNextA
CreateWindowExA
DrawTextA
GetClassInfoA
GetSysColor
InvalidateRect
IsWindowVisible
ScreenToClient
TrackPopupMenu
TranslateMessage
UpdateWindow

gdi32

CreateHalftonePalette
GetDCOrgEx
GetDIBits
GetWindowOrgEx
PlayEnhMetaFile
SetMapMode

shell32

DragQueryFileW
SHBindToParent
SHBrowseForFolderA
SHCreateDirectoryExA
SHFileOperationA
SHFileOperationW
SHGetFileInfoW
SHGetMalloc
ShellExecuteW
Shell_NotifyIconA

comctl32

ImageList_Destroy
ImageList_Read
PropertySheetW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ