036e490ae52accd92324c9fe0b364b44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

036e490ae52accd92324c9fe0b364b44_JaffaCakes118
Size

422KB
MD5

036e490ae52accd92324c9fe0b364b44
SHA1

998140a494c6de531325a761efff3eb5a2360f45
SHA256

bcb8f2c555a1d22ab1f27a2e90d6b5785766e272c39b541d08b56ef6f12df8ee
SHA512

5cc0c3e84be17843e3c2361b321e3e53e886eb4927e5e3f965ef2217975e0dc13e7d432faf554cf0a11af40ff218f8990f7f6a336bbba3c5c067a27f2a23419f
SSDEEP

12288:jdFOVNqLLTSlzb11n1JyQ7o5Oh9IQ+u1HDq13X/GtVO+a3uaEbDgpQ2:ZAVAXTSlzb11n1V7o5OhR+u1HDq13X/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036e490ae52accd92324c9fe0b364b44_JaffaCakes118

Files

036e490ae52accd92324c9fe0b364b44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

451826bc84fa01a4dace9243e7f64a91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushConsoleInputBuffer
SetStdHandle
GetVersionExA
InterlockedDecrement
GetDateFormatA
TlsSetValue
TerminateProcess
QueryPerformanceCounter
LCMapStringA
HeapCreate
WriteFile
ReadFile
TlsAlloc
DebugBreak
ExitProcess
GetCurrentProcess
DeleteFileW
VirtualFree
CompareStringW
GetEnvironmentStrings
GetCPInfo
HeapAlloc
GetTimeZoneInformation
GetStdHandle
EnumSystemLocalesA
WideCharToMultiByte
GetProfileSectionW
InterlockedExchange
VirtualAlloc
GetLocaleInfoW
GetProcAddress
HeapDestroy
GetModuleHandleA
GetModuleFileNameA
SetFilePointer
EnterCriticalSection
DeleteFiber
OutputDebugStringA
HeapReAlloc
DeleteCriticalSection
IsValidCodePage
GetTimeFormatA
SetEnvironmentVariableA
GetEnvironmentStringsW
CloseHandle
GetSystemInfo
GetACP
IsBadWritePtr
OpenMutexA
HeapFree
SetEnvironmentVariableW
GetOEMCP
LCMapStringW
TlsGetValue
CreateMutexA
GetLocaleInfoA
GetCurrentThreadId
TlsFree
GetSystemTimeAsFileTime
InterlockedIncrement
LoadLibraryA
HeapValidate
FindNextFileA
GetCommandLineA
GetCurrentProcessId
SetConsoleCtrlHandler
GetUserDefaultLCID
DeleteFileA
GetTickCount
GetFileType
SetHandleCount
MultiByteToWideChar
VirtualQuery
FreeEnvironmentStringsW
CreateProcessW
WritePrivateProfileSectionA
GetProfileStringA
GetLastError
UnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
SetLastError
IsBadReadPtr
GlobalAlloc
InitializeCriticalSection
FlushFileBuffers
VirtualProtect
CompareStringA
GetStringTypeW
GetCurrentThread
GetFullPathNameA
IsValidLocale
FreeEnvironmentStringsA
GetStringTypeA
LeaveCriticalSection

comctl32

InitCommonControlsEx

user32

SetMenuInfo
IsDlgButtonChecked
GetClipboardViewer
GetForegroundWindow
GetWindowWord
EnumDisplayDevicesW
SetMenu
CallMsgFilterW
FindWindowA
EndMenu
SetWindowLongW
RegisterClassA
CloseDesktop
SendMessageW
SetUserObjectInformationA
EnumChildWindows
LoadStringW
SetMenuItemBitmaps
DefMDIChildProcA
GetMenuItemRect
DispatchMessageW
GetInputDesktop
ScrollWindowEx
GetQueueStatus
RegisterClassExA
BlockInput
SetWindowsHookExA

Sections

.text
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

451826bc84fa01a4dace9243e7f64a91

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 255KB - Virtual size: 254KB

.rdata Size: 12KB - Virtual size: 30KB

.data Size: 147KB - Virtual size: 147KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 255KB - Virtual size: 254KB

.rdata
Size: 12KB - Virtual size: 30KB

.data
Size: 147KB - Virtual size: 147KB

.rsrc
Size: 6KB - Virtual size: 6KB