36f771c1301a3b7d9c9c72b261ded067_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f771c1301a3b7d9c9c72b261ded067_JaffaCakes118
Size

43KB
MD5

36f771c1301a3b7d9c9c72b261ded067
SHA1

5dc514176c44c31a52024dac50933273fe025a4d
SHA256

e727f240c211670c21b2426d959c684bff264a39723c63115a4744e83dc86192
SHA512

4ce211e887dbd86fc02baf55f2b642273fbe6c8e009ad5bde1f198e5aafc929a4394fdb3fe9522ff1c934d78caefa5e7a835ef018a795cd7244be70943a38f4b
SSDEEP

768:QSR/XeafxOEDmRkIhq5zu3GywrfiRFkQfNm+JbWW+h8zOW:QSJdxOEyRkbdzfizwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f771c1301a3b7d9c9c72b261ded067_JaffaCakes118

Files

36f771c1301a3b7d9c9c72b261ded067_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2215911c88e052407ad20bec23b11e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
CreateFileMappingW
SetThreadPriority
DisconnectNamedPipe
MoveFileExW
FindFirstFileW
UnmapViewOfFile
GetCommandLineA
GetDriveTypeW
EnterCriticalSection
WriteFile
HeapFree
CreateThread
SetFileAttributesW
FlushFileBuffers
GetModuleFileNameA
CloseHandle
GetTempPathW
lstrcpynW
GetModuleHandleA
GetUserDefaultUILanguage
CreateProcessW
GetSystemTimeAsFileTime
lstrcatW
lstrcmpiA
CreateEventW
CopyFileW
GetSystemTime
CreateMutexW
SetLastError

Sections

.xcn
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wtatwj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eluf
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ