36fb07b232eb91b7841965d8f05e4905_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36fb07b232eb91b7841965d8f05e4905_JaffaCakes118
Size

18KB
MD5

36fb07b232eb91b7841965d8f05e4905
SHA1

052c013bfa4939e710e044348b1843a4accc77c9
SHA256

a809049ee94c331a2a692c43fb671bdbb1b878707d501619ff69264a6fa12400
SHA512

4ccad5c9e1e1c4883c682f6e63e46ec223a247e135ea6872fd13949b3ba4ff59856cd46d66f4d47ac48b79f525ec66ade73599be0ca6109e4b8beec1038a1b06
SSDEEP

384:vQUtuCikILDwAZMEyMkuA+joJLnbVlszXxQUbb4iR:4UtuCiUknyMkh+jcbVqXrfb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36fb07b232eb91b7841965d8f05e4905_JaffaCakes118

Files

36fb07b232eb91b7841965d8f05e4905_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39961c0b04d432ad451db05a64105a24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatW
GetVersionExW
lstrcpyA
EnumTimeFormatsA
CreateMutexA
FoldStringA
CreateDirectoryExW
EnumTimeFormatsA
GetTempFileNameA
SetDefaultCommConfigA

user32

SetWindowsHookA
SetWindowTextA
ChangeMenuW
GetClassInfoExA
DefMDIChildProcW
SetUserObjectInformationA
GetClassNameW
SystemParametersInfoW

gdi32

RemoveFontResourceExA
GetCharWidthFloatA
EnumFontsA
GetICMProfileA
GetTextFaceA
CopyMetaFileW
EnumFontFamiliesA
CopyEnhMetaFileW

Sections

.��
Size: 13KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 822B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ