Static task: static1
Behavioral task: behavioral1
Sample: 636152326a58d20058eb595e6c0526d8_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 636152326a58d20058eb595e6c0526d8_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 636152326a58d20058eb595e6c0526d8_JaffaCakes118
Size: 27KB
MD5: 636152326a58d20058eb595e6c0526d8
SHA1: 3d51154604d07ef1c6e37cffe7cc6dc92fbf5727
SHA256: 4ff0684502c442286553493a9b79c25bdc7a7d26c01925a08cc88203bf655903
SHA512: 0a1f11b7e9f72a47e786ed70b58ebb19621fbefd729bd21eaeccb0ce495f33e30a83e1f8517b72d176c6cd23ee3b048bf116d14c0ee320f5942e631569f25dbd
SSDEEP: 768:QybSZZi9JZJ1SYbPI39m4FnyyiBAQkW/bH:QybMZiPz1pbu9m4FgLhTH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 636152326a58d20058eb595e6c0526d8_JaffaCakes118
Files
636152326a58d20058eb595e6c0526d8_JaffaCakes118.exe windows:4 windows x86 arch:x86
3691327f0e5900e4ae03e6394f7e70b5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
LocalFree
GetStartupInfoA
LocalAlloc
user32
TranslateMessage
BeginPaint
EndPaint
GetClientRect
GetWindowRect
CreateWindowExA
EndDialog
MessageBoxA
DispatchMessageA
ScreenToClient
msvcrt
memmove
_adjust_fdiv
_initterm
wcschr
_c_exit
_acmdln
__set_app_type
__p__commode
_except_handler3
__setusermatherr
toupper
Sections
.text Size: 1024B - Virtual size: 931B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 930B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ