36b002d6bea3302effa330294dc89f1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36b002d6bea3302effa330294dc89f1e_JaffaCakes118
Size

132KB
MD5

36b002d6bea3302effa330294dc89f1e
SHA1

68b3b00eb4e1ddd80651f8665d2a8ea4f5b7d3d8
SHA256

8673f7aae166457916ce0feb96cac214374dedd0a9cd3dd54cabbc4429b5b28c
SHA512

bc12304537c1ccb73b8055614864794c4611542d12ec54cea0efcf5ce16c35f948536c88e1d22e15239ffc9f4cac822ee2db984dc4afea4010c17473faf6c691
SSDEEP

3072:Ml7s/pkaGJZEDfpFL73b7JFhbu/Mc7hfwtOJKHzyDc:/pkJZOxSNCOouDc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b002d6bea3302effa330294dc89f1e_JaffaCakes118

Files

36b002d6bea3302effa330294dc89f1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

960164c99af191f93a5fb6400d46a119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
SetConsoleKeyShortcuts
DuplicateConsoleHandle
AddConsoleAliasA
FindNextChangeNotification
SetThreadPriorityBoost
Toolhelp32ReadProcessMemory
GetConsoleTitleA
GlobalLock
VerifyVersionInfoA
HeapSummary
SetConsoleTextAttribute
InterlockedExchange
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ