36f259f55293637b32466e74cb29d429_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36f259f55293637b32466e74cb29d429_JaffaCakes118
Size

670KB
MD5

36f259f55293637b32466e74cb29d429
SHA1

b4ca5bd6a4e9499917e3314324f5798d044f3673
SHA256

22ca32dd35851a1fb51ead03327e3a1550451bc1d46377650fba792cd560556e
SHA512

6cbb9d13ac73b8684d70b970788bc705a3edf17b5761ca97c55dd00cb4b2767c56836b9323266a3792415228c6ad529b4582551d97f7313fc1fd0db6e5cdbbd6
SSDEEP

12288:4R4s28ijBGlWwtyrfFOmNnOZb61XeLLLS3cPT5WPyyR60UH1kt5nUj7xk52Sk21P:Xs28ijBGlW5ZOmFOZb6ILLuSJ6qvc+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f259f55293637b32466e74cb29d429_JaffaCakes118

Files

36f259f55293637b32466e74cb29d429_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd5b4eb4f60d045086bf87c0749910f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExA

kernel32

GetCommandLineA
FindClose
GetDiskFreeSpaceA
CreateDirectoryA
SetFilePointer
GetCurrentDirectoryA
Sleep
GetModuleFileNameA
AllocConsole
GetStdHandle
SetConsoleTitleA
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
GetModuleHandleA
GetStartupInfoA
MultiByteToWideChar
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
GetLastError
LoadLibraryExA
WriteFile
GetExitCodeProcess
GetProcAddress
FreeLibrary
LoadLibraryA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

user32

RegisterClassExA
DestroyIcon
PostQuitMessage
DefWindowProcA
GetUpdateRect
BeginPaint
EndPaint
GetClientRect
GetSysColorBrush
LoadCursorA
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
GetParent
SendMessageA
MessageBoxA
CreateWindowExA
UpdateWindow
UnregisterClassA
LoadIconA
GetClassNameA
EnumWindows
IsWindow
DestroyWindow
GetWindowTextA
ShowWindowAsync
CreateDialogParamA
DialogBoxParamA
InvalidateRect
SetForegroundWindow
EndDialog
GetWindowRect
GetDesktopWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
FillRect
SetWindowPos
SetWindowTextA

ole32

CoCreateInstance
CoInitialize
CoUninitialize
OleUninitialize
OleInitialize

gdi32

DeleteObject
SelectPalette
CreatePalette
BitBlt
CreateCompatibleDC
RealizePalette
GetTextExtentPoint32A
SelectObject
CreateFontIndirectA
SetBkMode
RemoveFontResourceA
AddFontResourceA
CreateSolidBrush
DeleteDC
ExtTextOutA
SetTextColor
CreateCompatibleBitmap

msvcrt

_stat
__p__fmode
__set_app_type
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
floor
remove
atoi
atof
memmove
__p__commode
_ftol
fseek
fread
exit
ftell
_vsnprintf
_snprintf
sprintf
fopen
fclose
fwrite
malloc
free
_except_handler3
_controlfp

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd5b4eb4f60d045086bf87c0749910f8

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

advapi32

user32

ole32

gdi32

msvcrt

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 6KB - Virtual size: 11KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 6KB - Virtual size: 11KB

.rsrc
Size: 6KB - Virtual size: 5KB