36fa125cf0e1cfe9f9f7e5209d98bc9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36fa125cf0e1cfe9f9f7e5209d98bc9d_JaffaCakes118
Size

26KB
MD5

36fa125cf0e1cfe9f9f7e5209d98bc9d
SHA1

d368ebb56b6dd33e0ad46277564b1ca48c6cefe1
SHA256

d28908bfd61bb84d251b46fe0086add3ec38784807d2448c86a2bc64253bce78
SHA512

b2e758314b6155a4d0f19998574ba1c3fc04c5f8f5981ac0510de2084662256d5c0703cf0e24263cd00c9002aad14ab3c8751f223f554a5451140f946d7e5a42
SSDEEP

384:7bk1s2BbLTGjPFyWvSY4eEiQNU7F2IGrkbxOXsJ3kump:7bke2RLCjPFgYdE1NI4JOOmkump

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36fa125cf0e1cfe9f9f7e5209d98bc9d_JaffaCakes118

Files

36fa125cf0e1cfe9f9f7e5209d98bc9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cb5923800c415fdb3bf3f67db836633

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
DeleteTimerQueueEx
PrivCopyFileExW
SetVolumeMountPointA
VirtualLock
GetDllDirectoryW
SetConsoleCursorInfo
SetUnhandledExceptionFilter
LocalShrink
SetTapePosition
SetTapePosition

user32

ScrollChildren
WaitForInputIdle
UserClientDllInitialize
EnumThreadWindows
DrawFrameControl
GetWindowModuleFileNameA
FrameRect
ClientThreadSetup
DestroyWindow
DrawTextW
GetMenuItemInfoA

Sections

.text
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 633B - Virtual size: 633B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ