37f50aefb983edb342b972bab622d2f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37f50aefb983edb342b972bab622d2f8_JaffaCakes118
Size

88KB
MD5

37f50aefb983edb342b972bab622d2f8
SHA1

8af83f8c3a106564c66201c8cd71b5fecf9c70b6
SHA256

1e3660581a5b9841224d361e730338e7e0c7ec8d898e3c3813688f2bee5084b0
SHA512

9d22b65f781ed079b99c5a753347292d51f28a7c966503b7439ad8b6d3eb7238444beb641f81fdf8c5623e519fd3623906c9e9332a1dfa532f3d355170c0e34d
SSDEEP

1536:xoLn7yVOCwVXEUt10pHsZ8gwRf4x9C10Qmp3kwlIdl2uXhvYDYB7vzXW:x8CwVX7t10pywuxs1mp3kwlIdMuZSY1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f50aefb983edb342b972bab622d2f8_JaffaCakes118

Files

37f50aefb983edb342b972bab622d2f8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b4fa090fe8aaeb0c434ea7a6e99aee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

OffsetRect

advapi32

RegQueryValueA

Exports

Exports

ecgwbyn
qsxemptoq
z

Sections

.text
Size: 82KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE