36026d20f3f9d0956351415819ddee4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36026d20f3f9d0956351415819ddee4b_JaffaCakes118
Size

54KB
MD5

36026d20f3f9d0956351415819ddee4b
SHA1

d91ff9cc5f2c4b575834c3992497a2e68699bcf4
SHA256

6582ad750d4e7fd455f455a26d8eaacd2d1db21c08845afe1630a33a7084cec4
SHA512

b22add0288db19c5dc0509f374e58641031b2f4cc49ad8e7075f4054f8132d20f8268260da217e69e9c059e562c110e0c3f660ea3ef12f5e818344d54026372d
SSDEEP

1536:lC1qohVuukX0yTYZviEt2rU8D4wQRhMR4HTPq7:leqohV7V8qopD4BTPq7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36026d20f3f9d0956351415819ddee4b_JaffaCakes118

Files

36026d20f3f9d0956351415819ddee4b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b4d73c557926a357f01c9f3be3e883ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
ExitProcess
VirtualAlloc
ClearCommBreak
GetStringTypeExA

user32

SendNotifyMessageW
LoadMenuA
ChangeClipboardChain
DlgDirSelectExA

Exports

Exports

OpenFfckrlyqa
CreateChawxxjou
Cbmomuyfuix
GetTagajaqbqgi
Ikifkgg
CreateFlqqjtc
CreateXrgkagimtwv
Oaujtvx
Ydyeqakshwf
Jolxlvpcjc
IsVqnfqokj
ReadYhgeqlaj
Hvvmgedst
SetNnwwsmvkmk
IsMisucfcf
CreateOnyanrd
Wwfqgixlge
GetFbkrjbl
CreateEkklrtcgvf
Iuftxhu

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ