36eba04553c277fafad3dbbfa019a3c7_JaffaCakes118 | Triage

Sharing

General

Target

36eba04553c277fafad3dbbfa019a3c7_JaffaCakes118
Size

84KB
MD5

36eba04553c277fafad3dbbfa019a3c7
SHA1

fbbf974974bde6e552e9c9bb0375c83d2369f9e6
SHA256

96749c5809b8b1a60bde6055b7bbca5a4f72c8dcb8cc0dce37d06d03523da698
SHA512

c5fb2db7ff7e46b84eadf442288bf12a6005d434ee39db052361096809fe8dddab701228bcd139ada46553c114887e9aa586bc602c4072e1016e43da4f10ae8b
SSDEEP

1536:PfXkMXSHw+l/4BzQjmUdu6rJu6TfLc+U7S6LkqHPWxa+bVIRMWM7R78PklT0vLCi:XUMiH/EALzrLc7fpHPWxa+eIwJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36eba04553c277fafad3dbbfa019a3c7_JaffaCakes118

Files

36eba04553c277fafad3dbbfa019a3c7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

56b6461802a6bf42b8dc4e46b3ff1435

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

MessageBoxA

crtdll

_errno
_iob
_itoa
__GetMainArgs
_stricmp
_strnicmp
toupper
abort
exit
fclose
ferror
fgetc
fopen
fputc
fread
fseek
ftell
fwrite
localeconv
localtime
malloc
memcpy
memmove
memset
pow
putc
raise
signal
strcat
strchr
strcmp
strtol
time
ungetc
wcslen
wctomb

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 784B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE