36d2a21654d27d43fa7d12076ba2b90a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36d2a21654d27d43fa7d12076ba2b90a_JaffaCakes118
Size

317KB
MD5

36d2a21654d27d43fa7d12076ba2b90a
SHA1

3a3736e777948f847b8c34ab94da0138df284ec8
SHA256

c4f6f9a84999efecf474d38faf521df9c0072abd10eb9283593e15693ef833b8
SHA512

54d55ab8b9fec05a3dbd156ab53006892e11bad9a9cd5458c6144f4a978351bbbec93ae36cfee346e79db27529418bef818a306b252747f3b8d0d496baf8fe95
SSDEEP

6144:KT0JeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:KT1nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36d2a21654d27d43fa7d12076ba2b90a_JaffaCakes118

Files

36d2a21654d27d43fa7d12076ba2b90a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d60628d49d55655cbba2dada2b031beb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
IsBadCodePtr
LocalFree
lstrcpyA
VirtualProtect
GetOEMCP
GlobalFree
GetLastError
GlobalUnlock
GetStdHandle
LoadResource
HeapCreate
LoadLibraryExA
EnterCriticalSection
FreeConsole
DeleteAtom
CloseHandle
SetConsolePalette
GlobalAddAtomA
GlobalAddAtomA
WriteProfileStringA

user32

GetClassInfoExA
GetFocus
DrawEdge
IsIconic
ReleaseDC
EndPaint
GetWindowTextLengthA
ValidateRect
GetDC
GetActiveWindow
GetClassNameA
BeginPaint
CloseWindow
GetParent
ShowWindow
GetForegroundWindow
GetWindowTextA
AlignRects
GetWindow

mprapi

MprAdminUserClose
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead
MprAdminUserGetInfo

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ