036dd6642a8fd76e3ef91a6c7d4f993e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

036dd6642a8fd76e3ef91a6c7d4f993e_JaffaCakes118
Size

31KB
MD5

036dd6642a8fd76e3ef91a6c7d4f993e
SHA1

c19177e2d6bcf3a9e64f7c0afebbe047291e3e1e
SHA256

69fc3a3e1ded685d7d78f80d4919e33e09c43c95c8d2eedc99015c3e3605b380
SHA512

fe8d94dcf57b1435c76376e65d25fe15bb990052fca249de976ca2d95f39c968cc63f7f8f1aee7912f8c44a15bd66393d0632ae354697d26424fd5d23601d0e1
SSDEEP

768:lK8ADaX8TgfzyncTq4GCR3XXZxom+YcolSCEV:iDiKn6qZgXXZxPXeV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036dd6642a8fd76e3ef91a6c7d4f993e_JaffaCakes118

Files

036dd6642a8fd76e3ef91a6c7d4f993e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ