36e3be379a629c170e22f35e42c077db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36e3be379a629c170e22f35e42c077db_JaffaCakes118
Size

717KB
MD5

36e3be379a629c170e22f35e42c077db
SHA1

9c924e73408b70e67828cbcc8c784df0a2fdb29c
SHA256

08a4612de5ec65a0832111c79157f7c6d5fd2912d07143b84c95cb5e96d9bbfa
SHA512

f239d9a1940748434dad3f625889b8c7df9880511fbc3704b8f966b7e8e8a13b4422103f050bcabec04bf181d70b526751f5979379d06213e099c6e640a5d3fc
SSDEEP

12288:WUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQC:akyTyxnSN4XG00tsL+LQ8cswQwsYC3hJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36e3be379a629c170e22f35e42c077db_JaffaCakes118

Files

36e3be379a629c170e22f35e42c077db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b54e7b80951e10bfa66f4cc1c926db4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetVersion
InterlockedExchange
GetConsoleCP
ResetEvent
lstrlenA
GetModuleHandleA
WaitForSingleObject
FindAtomA
HeapReAlloc
GetProfileIntA
GetACP
SetEvent
GetTickCount
HeapWalk
CloseHandle
VirtualProtect
GetAtomNameA
TlsFree
CompareFileTime
GlobalUnlock

user32

DialogBoxParamA
GetMenu
UpdateWindow
MessageBoxA
SetWindowPos
SetPropA
GetScrollRange
LoadIconA
PostMessageA
InsertMenuA
GetSubMenu
SetSysColors
EnableScrollBar
TranslateMessage
CopyRect
GetParent
GetWindowTextA
ModifyMenuA
GetKeyboardLayout
EqualRect
InflateRect
PostQuitMessage
GetDlgItem
GetWindowLongA
DestroyMenu
ScrollDC
ShowWindow
DispatchMessageA
GetMenuStringA

msi

MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ