36394086e18f820f77ad25967d3604bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36394086e18f820f77ad25967d3604bc_JaffaCakes118
Size

28KB
MD5

36394086e18f820f77ad25967d3604bc
SHA1

c70615eaf0c4bd8430a380448fabafff22ec4d80
SHA256

42f93b55fae20dfb4accabde390bd37c70d85a17f8afb30e8868edc9ee1574a9
SHA512

cf784bc5b8f7874092efdffd0d3290704da99a3766085db022c4cdefe3bc20693e7a1a8d731b3001b51204f62d3098ff03dca839f1723b52658631af90364383
SSDEEP

768:N5I7enqAGU0Trl9j3rsfb6WAkkN12AuiYFr8xU+7g8mMY2lhXZdiU:Nm7ecx9jrsfb6WAkkN12AWFr8105P2lo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36394086e18f820f77ad25967d3604bc_JaffaCakes118

Files

36394086e18f820f77ad25967d3604bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4095408a1deca712a8a17f8c3d7b02a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
LoadLibraryA
LocalFileTimeToFileTime
BeginUpdateResourceA
SystemTimeToFileTime
FatalAppExitA
DisconnectNamedPipe
GetStartupInfoA

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ