d036ac1c41921b30a312f5956acc48aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d036ac1c41921b30a312f5956acc48aa_JaffaCakes118
Size

110KB
MD5

d036ac1c41921b30a312f5956acc48aa
SHA1

b91e9d01fa3ef1553e7e90a70f9aafc3dc75419a
SHA256

ebf06b5be5b51d68396c9061483072391cf7b2815713fab39fb052e8842235ec
SHA512

5cc6e5ffea923a5fd2d052b38021f7b7d710aa8ff7c06c9770b64b25239f71365732e6698af31a6f7209da8202f6f64fcebe3574589471940f47051ed280f2c5
SSDEEP

3072:M8d81luppoF0dGrlIsBI0vE46UM+Db4V:6ioi4dBI8E4D4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d036ac1c41921b30a312f5956acc48aa_JaffaCakes118

Files

d036ac1c41921b30a312f5956acc48aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

971a249b77a23c80ab217ce550687a4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
Sleep
VirtualAlloc
VirtualFree
ExitProcess

user32

GetMessagePos

Sections

.text
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfwer
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE