36c29eb9ca80d81367ab4770787fdd8f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36c29eb9ca80d81367ab4770787fdd8f_JaffaCakes118
Size

415KB
MD5

36c29eb9ca80d81367ab4770787fdd8f
SHA1

6419f6d1bb4cae752efa062724b4b2fa6ebd9e48
SHA256

7595bf5ee93a1cce33292f8ba668ee20a9bb3e15bb55dd1b2e8de91e133abc5b
SHA512

a195951017f8fbdf35379e6c1071c1b85c94ea93f2f50f4f9c4630e9ffee6a44b1a123a4a2c57d8bfdf00e715e845ca550bcff077aadadaba13cefc66d069df5
SSDEEP

6144:+1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:+KowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36c29eb9ca80d81367ab4770787fdd8f_JaffaCakes118

Files

36c29eb9ca80d81367ab4770787fdd8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

662081842e1ef0afdbe753e90268f7ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
CloseHandle
LoadLibraryExA
GetStdHandle
GetACP
GetFileAttributesA
GlobalDeleteAtom
RaiseException
GetSystemDirectoryA
GetLastError
HeapCreate
GlobalFree
SetErrorMode
Sleep
GetLogicalDrives
GlobalAddAtomA
LockResource
GetCommandLineA
GetLocaleInfoA
EnterCriticalSection
VirtualProtect

user32

GetCursorPos
DrawTextA
ReleaseDC
FrameRect
GetWindowTextA
GetMenuItemInfoA
EndPaint
GetParent
BeginPaint
ValidateRect
ShowWindow
GetClassNameA
SetForegroundWindow
GetWindow
GetActiveWindow
wsprintfA
IsIconic
GetFocus
DrawEdge

httpapi

HttpAddUrl
HttpTerminate
HttpCreateHttpHandle
HttpInitialize
HttpRemoveUrl

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ