36a4f2ef6d18c0fbc941919f735ef65d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36a4f2ef6d18c0fbc941919f735ef65d_JaffaCakes118
Size

119KB
MD5

36a4f2ef6d18c0fbc941919f735ef65d
SHA1

56a24fbd27a8e281ff7b489685908939233ca22b
SHA256

f4d8eae286a661807981e62c96316e6de7ae8078acfcc26490adb27b62090d82
SHA512

011669b0a8e5498df0814ac6aeb2449ee4dd62cf98c85ec17d636a29f54bb6bb6a6a59ae63275948751f0327b24158c5ac7595abd75f33b57a5cfb6d78c09ad7
SSDEEP

3072:oHz7Hkv0fxKmjQAiWaA1mXuoizud6GUPou6jvP0vR:izjoSKLALqniydDgkH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a4f2ef6d18c0fbc941919f735ef65d_JaffaCakes118

Files

36a4f2ef6d18c0fbc941919f735ef65d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e7dd6276b2fec5122520bdc652ea3162

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow

kernel32

FindResourceW

shlwapi

StrChrIW

Exports

Exports

PointerControY
?HexControl@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@Y
?ModelControl@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@Y

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WARM
Size: 512B - Virtual size: 261B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FIVE
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SOME
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ