37e7a5b2d7d1ac136a9af6f6e38370c4_JaffaCakes118 | Triage

Sharing

General

Target

37e7a5b2d7d1ac136a9af6f6e38370c4_JaffaCakes118
Size

636KB
MD5

37e7a5b2d7d1ac136a9af6f6e38370c4
SHA1

6737985eab15e9e513dc79cb107de0d1295151e9
SHA256

aa33c77e15a5ebbd0e7b96292ec70a5ffef9b8fa9c8150c4ed388d7ec890b32e
SHA512

3ca5720db195516c9c37cc80bbc4c3e0192c8f22981903eaf6b123bd14620352e4c522c56aba751b310f884f269b2dcf86f31778bb71c3a328bf976223bf1d1e
SSDEEP

12288:n7wQBI2ox0auZK248B7xIGJ3bGNacM+oz8JGuS4wLSlFd:n7wAh60aiIM7x5xbMLom44wmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e7a5b2d7d1ac136a9af6f6e38370c4_JaffaCakes118

Files

37e7a5b2d7d1ac136a9af6f6e38370c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10c917c7897b46456e3f303d45f32c1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GlobalUnlock
VirtualProtect
InterlockedExchange
GetModuleHandleA
HeapReAlloc
GetTickCount
CloseHandle
GetStdHandle
GetSystemDefaultLangID
CompareFileTime
lstrlenA
GetCommandLineA
WaitForSingleObject
HeapCreate
SetConsoleCP
SearchPathA
GetConsoleCP
GetAtomNameA
WaitForMultipleObjects
GetVersion

user32

GetKeyState
DestroyMenu
SetWindowPos
FindWindowA
GetKeyboardLayout
MessageBoxA
SetPropA
InsertMenuA
GetDlgItem
IsDialogMessage
CreateMenu
DrawCaption
DispatchMessageA
DispatchMessageA
EnableScrollBar
SetScrollInfo
DialogBoxParamA
GetCursorInfo
InvertRect
CreateCursor
CopyImage
DragObject
CreateIcon

advapi32

RegEnumKeyA
RegCreateKeyExA
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ