36d6f6d6c7631c92ae4ee1c85410e013_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36d6f6d6c7631c92ae4ee1c85410e013_JaffaCakes118
Size

196KB
MD5

36d6f6d6c7631c92ae4ee1c85410e013
SHA1

11e9097277036745b865ffe4f5a409e7d102c535
SHA256

aad3546abbab035c5a7fbbec5eeab5e1a5464c641cb36ffb20249934510b6b0a
SHA512

9e886244607d9d711d7bb9ad59f97b2d6f25e571767ebf89aa84fd8efc886ac9ef2108ce2db58a64ef822dba1b5ea2575ffe99d2ba1dfc83142e80d1343e1eec
SSDEEP

3072:btEnSdmJoQcAx+B7gjAfD29f6fygfulB46426inIHq2v41kLSncl:REBoQcAx+B7g8S90juw6z7IHsml

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36d6f6d6c7631c92ae4ee1c85410e013_JaffaCakes118

Files

36d6f6d6c7631c92ae4ee1c85410e013_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57f4bb022e1b17e64faaa2b05d4c7963

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryW

kernel32

GetSystemTimeAsFileTime
LocalFree
GetCPInfo
GlobalFlags
FindClose
GetModuleHandleW
GetComputerNameExW
SetSystemTimeAdjustment

comdlg32

PageSetupDlgW
GetOpenFileNameW

user32

InvalidateRgn
RedrawWindow
GetNextDlgTabItem
AdjustWindowRect
RegisterClassExA
GetCaretPos
InternalGetWindowText
SetRect
CreateCaret
GetForegroundWindow
CreateWindowExA
SetWindowLongW
DispatchMessageW
PtInRect
CopyImage
ReleaseDC

gdi32

ResizePalette
SetDIBitsToDevice
GetDeviceCaps
EnumFontsW
LineDDA
StartDocW
AddFontResourceW

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Remove

Exports

Exports

ModifyMutexOriginal@16
SendWindowOld@12
LoadVersionOriginal@8
List@8
EnumListItemOld@12

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ