36ca604796827045f1a56c0624267579_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36ca604796827045f1a56c0624267579_JaffaCakes118
Size

275KB
MD5

36ca604796827045f1a56c0624267579
SHA1

4b9facc701269f8899dc385ced53d88a54af8485
SHA256

b3d9b2a41a0d559b6520ebd78df2e998cb5ecdb1dc959d6fb02dcd189a61e6b5
SHA512

ac05c845806c8b803055c4d7e555896c58bae9c2e8dd495aa8d50feb1b29149cb29af25e8ae70586b05feb62a29d40d928ec11cce11cbb4f261e3a9273ec6418
SSDEEP

3072:IdpxT0OIkIS1mmYqQbpQ/9sPJS1m6wOoCHFewWBFM87EpnlpNdFRhlDTbsgGaaNM:IPmDkdbBQbp003FCleTFMuEplRh1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36ca604796827045f1a56c0624267579_JaffaCakes118

Files

36ca604796827045f1a56c0624267579_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec121ccaa6572281b8f0a0bc702b613e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
DeleteFileA
EnterCriticalSection
ExitThread
GetCurrentProcessId
GetEnvironmentVariableA
GetProcAddress
GetProfileStringA
GetTickCount
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
LocalUnlock
SetCurrentDirectoryA
SetErrorMode
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

DestroyMenu
DestroyWindow
DrawFocusRect
EqualRect
InsertMenuItemW
InvalidateRect
IsWindowEnabled
IsWindowVisible
LoadBitmapW
LoadCursorW
PtInRect
SetWindowPlacement
TranslateMessage

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ