36ce59b941fe3622e33d8929f2ffbfd4_JaffaCakes118 | Triage

Sharing

General

Target

36ce59b941fe3622e33d8929f2ffbfd4_JaffaCakes118
Size

45KB
MD5

36ce59b941fe3622e33d8929f2ffbfd4
SHA1

91288b2372b64e689ceab844022a6be2cf9ecbb2
SHA256

7ef1c22ee2e82bcd08dc8362c13cf07110c251c4c26d285c1f57fe67010c218b
SHA512

54b03a0c3b7232c7aa2c6877876f2f56208905a97d47e6c0e7040af5edcd14074c8a367a1f4f42c0b27643f29e18817822647526d290bc43e041c8e4d5f08b23
SSDEEP

768:4EjuVRbuwWjBecSsKaM/zvYk5oB1i4fI8sKH5jHgzmo/+Mu1YA9zI2Kw:DjmIwxvsKa4vBWi4gJKZjHFzI2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36ce59b941fe3622e33d8929f2ffbfd4_JaffaCakes118

Files

36ce59b941fe3622e33d8929f2ffbfd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9969f1b8a990bb3796b63e8e5d7d029a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
EnumTimeFormatsA
Heap32ListFirst
GetOEMCP
GetCompressedFileSizeW
InterlockedExchangeAdd
GetConsoleAliasesW
GetProcessHeaps
CallNamedPipeA
GetCurrentThread
GetProcessPriorityBoost
OpenMutexW
WriteFile
SetLastConsoleEventActive
GetDefaultCommConfigA
FindAtomW
CreateMutexW
GetLastError
VirtualProtectEx
MoveFileExA
IsBadWritePtr
ReadProcessMemory
SetFileAttributesW
GetVolumeNameForVolumeMountPointW
LockFileEx
SetTimerQueueTimer
GetCurrentProcess
MoveFileWithProgressA
LoadLibraryA
GetUserDefaultLangID
GetCalendarInfoW
ResumeThread
GetProcAddress
SetThreadContext
AddConsoleAliasW
SetCommState
LockResource
ShowConsoleCursor
DeleteCriticalSection
AllocateUserPhysicalPages
HeapFree

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE