36021b1e7aa9110de8d2eb65a6a6fc55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36021b1e7aa9110de8d2eb65a6a6fc55_JaffaCakes118
Size

336KB
MD5

36021b1e7aa9110de8d2eb65a6a6fc55
SHA1

d3c2cd8ae8e204266b89b400c60934b78958ffac
SHA256

410b5c6d991da68f0104a9a5dd1c3ba8a8d335cbafadcef0f4bdd5a76f451af3
SHA512

a84cb2928df0bfcf524750862cb562762e0b67ab2f72c7350da38adfd8b901088f083224586046e44200d7859b45108b4a17d4db453520e4fc07b168bc3b62c0
SSDEEP

6144:M95GNFAC0pEjYriQdvqvlepDZsTU0ua8j0i4zpi1JNsaDj:J0hpEjYriQNVSh8jr4zgtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36021b1e7aa9110de8d2eb65a6a6fc55_JaffaCakes118

Files

36021b1e7aa9110de8d2eb65a6a6fc55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8432e1531e1252bc33fb75d5a74fa8e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
GetUserDefaultLCID
ReleaseSemaphore
CreateFileA
WriteFile
GetModuleFileNameA
GetProcessVersion
FreeLibrary
GetEnvironmentVariableA

Sections

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 284KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE