336f26cfcd4838f984ebf36df3513e2e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

336f26cfcd4838f984ebf36df3513e2e_JaffaCakes118
Size

228KB
MD5

336f26cfcd4838f984ebf36df3513e2e
SHA1

1cf1083cb234045e638b71c9317af7e54aced9dd
SHA256

b822b3f35a7891d45f8156d680b21777fae07d840bbbb83f6865e849d868af74
SHA512

1667f53fb7e9be782f173460a5206d74b53381d82827365bf9f5a0942c47f9128165de947e3b49d69d2eb618454aa4f2196fc2c05866c202859213eb294b4978
SSDEEP

3072:LGlyWzZo7MX0hFsyw1nP52L18NzYPza/rFBP8Cc:wzZo7MYw1ho1kzIza/H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
336f26cfcd4838f984ebf36df3513e2e_JaffaCakes118

Files

336f26cfcd4838f984ebf36df3513e2e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62354b19a0677dfadba30c69413ae4c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

UnrealizeObject.PDB

Imports

ntdll

toupper
towupper
strncmp
strcmp

ws2_32

shutdown

lz32

LZSeek

shell32

FindExecutableW

kernel32

FindVolumeClose
DefineDosDeviceA
LocalHandle
FindResourceExA
GetCurrentProcessId
GetStartupInfoA
FindFirstFileA
IsValidLanguageGroup
lstrlenA
GetConsoleDisplayMode
GetLogicalDrives
FindActCtxSectionGuid
GetCurrencyFormatW
GetSystemDirectoryA
GetStringTypeW
FindNextVolumeMountPointW
GetProcAddress
LocalAlloc
GetFileSizeEx
GetSystemTimeAsFileTime
EnumSystemGeoID
GetCommTimeouts
GlobalFindAtomW
GetCommMask
FindFirstFileW
GetConsoleCursorInfo
GetSystemWindowsDirectoryW
lstrcatW
GetDateFormatA
GetCurrentDirectoryA
GetPrivateProfileStructW
FindNextFileA
EscapeCommFunction
GetCompressedFileSizeW
GlobalHandle
GetDiskFreeSpaceExA
VirtualFreeEx
GetMailslotInfo
lstrlenW
lstrcmpiA
GetPriorityClass
QueryIdleProcessorCycleTime
GetConsoleMode
GetModuleHandleW
FindFirstFileExA

msvcrt

system
localeconv
fseek
fputwc
vfwprintf

user32

LoadKeyboardLayoutA
InsertMenuItemA
LoadImageA
DrawIconEx
GetClassNameA
GetSysColor
LookupIconIdFromDirectoryEx
GetMenuStringA
GetClipboardViewer
ExcludeUpdateRgn
GetWindowPlacement
GetScrollPos
GetCursor
GetRawInputDeviceInfoW
GetDialogBaseUnits
DestroyMenu
IsWindowUnicode
MessageBoxW
CreateIconFromResource
InsertMenuA
GetMenuBarInfo
DialogBoxParamA
LoadIconA

advapi32

DeleteService
GetSecurityDescriptorControl

urlmon

FaultInIEFeature

version

GetFileVersionInfoA

msi

ord30

winspool.drv

FindNextPrinterChangeNotification
GetPrinterDataExW
DeletePrinterDriverExW

comdlg32

FindTextW

ole32

GetConvertStg
GetRunningObjectTable

gdi32

LineTo
GetPolyFillMode
GetClipBox
GetCharacterPlacementW
GetObjectType
ExtSelectClipRgn
GetWindowExtEx
GetPath
GetCharWidth32W
GdiSetBatchLimit
GetRegionData
GetOutlineTextMetricsA

wininet

FindNextUrlCacheEntryW

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62354b19a0677dfadba30c69413ae4c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

ws2_32

lz32

shell32

kernel32

msvcrt

user32

advapi32

urlmon

version

msi

winspool.drv

comdlg32

ole32

gdi32

wininet

Sections

.text Size: 24KB - Virtual size: 22KB

.data Size: 192KB - Virtual size: 190KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 968B

.text
Size: 24KB - Virtual size: 22KB

.data
Size: 192KB - Virtual size: 190KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 968B