JaffaCakes118_36fadc910204602ee4c8a945d6825f4c | Triage

Sharing

General

Target

JaffaCakes118_36fadc910204602ee4c8a945d6825f4c
Size

201KB
MD5

36fadc910204602ee4c8a945d6825f4c
SHA1

a11a6c5ab03ae7ccfcdab3b4c5ccc1175d32bfbd
SHA256

e0ff5bfd69dc661be829cab2ba8fff806a09708b4267bf07849d88032634898b
SHA512

3ae0045d3ee6cf28b0720f2b4e50903d9d30a48e3f80c9f45585b69c2388290473fd1cb88330e3aaaa5dad23916988aed43a135497aa275d7a8bb3f51b3c27c4
SSDEEP

3072:jOp7TdGZgtjChOji8k+pDCX1AahsJLWaRGnrit0XxWWWLGuA9lf:yp74CRUPH0bMJoIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_36fadc910204602ee4c8a945d6825f4c

Files

JaffaCakes118_36fadc910204602ee4c8a945d6825f4c
.exe windows:4 windows x86 arch:x86

71dda7768a30aad97ab6e4cbfedc2748

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapDestroy
CreateFiber
HeapAlloc
VirtualProtect
IsProcessorFeaturePresent
VirtualQuery
GetProcAddress
ResumeThread
GetLocaleInfoA
HeapReAlloc
InterlockedCompareExchange
EnumResourceNamesA
GetCommandLineA
RtlUnwind
VirtualFree
UnhandledExceptionFilter
ExitProcess
HeapSize
SetThreadPriority
VirtualAlloc
GetSystemInfo
SetUnhandledExceptionFilter
TerminateProcess
GetACP
LoadLibraryA
WriteFile

user32

RealGetWindowClassA
UnionRect
SetFocus
GetParent
IsWindow
CallWindowProcA
UnregisterClassA
PtInRect
InvalidateRect
GetClientRect
GetFocus
IntersectRect
IsChild
RegisterClassExA
EndPaint
GetKeyState
BeginPaint
CreateWindowExA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ