1a36eb1f0acf0df09936261dac997591_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a36eb1f0acf0df09936261dac997591_JaffaCakes118
Size

2.9MB
MD5

1a36eb1f0acf0df09936261dac997591
SHA1

732d0e6134351d4ac3b919ea1d8f481ddce3d58d
SHA256

5ba3f6d6364c5f4977342de84265517d974ed98b0c3a7479f0c495a9f761dd7e
SHA512

576c2d9b1187e806f8d844b985106789f0e0969405b67274ccd23a5ceb8864831379950fd31646d46fd2ab8f524d12c2e808bd0d0ec1d360d4f59dc27db133f0
SSDEEP

49152:YW2ZO1wWxjtGqMFuCa3AAFzDOHHDohSybbV/IkAMVgFckUmPg6hOIMW5fyvmOWSV:YWDnltiuD3A1GiRhOIr96hQG9oVQwz6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a36eb1f0acf0df09936261dac997591_JaffaCakes118

Files

1a36eb1f0acf0df09936261dac997591_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e12afb73cf03655c07c0ba4f85523064

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsdup
calloc
iswctype
__getmainargs
_fileno
strstr
_wcslwr
swprintf
_onexit
wcscmp
exit
__badioinfo
wcstombs
_strnicmp
_itow
_snwprintf
_iob
mbstowcs
_ltoa
wcscspn
strchr
_c_exit
_CIacos
_vsnprintf
wcstok
wcsncpy
wcsstr
ceil
_wtol
_wcsnicmp
isalnum
isxdigit
_unlock
_initterm
??0exception@@QAE@ABV0@@Z
fclose
memset
printf

user32

CreatePopupMenu
CallWindowProcA
RegisterClassExA
LoadStringA
RedrawWindow
GetWindowDC
GetSubMenu
CharPrevA
SetRect
GetSysColorBrush
RegisterWindowMessageW
LoadIconA
LoadCursorW
GetWindowTextW
SetFocus
CharNextW
TrackPopupMenu
DestroyWindow
CharNextA
GetCursorPos
CharPrevW
PostMessageA
CheckRadioButton
SendMessageA
SetWindowLongA
DrawTextA
SetCapture
GetProcessWindowStation
IsWindow
GetCapture
GetMessageA
GetMenuItemCount
GetWindow
MessageBoxW
GetDesktopWindow
SetDlgItemTextA
GetSystemMenu
SetDlgItemTextW
CreateDialogParamW
GetSystemMetrics
SendDlgItemMessageW
GetClassNameW
ReleaseCapture
SendMessageW
LoadIconW

kernel32

GetWindowsDirectoryA
IsDBCSLeadByte
SetFilePointer
GetLocaleInfoW
IsDebuggerPresent
GetModuleHandleA
HeapAlloc
GetFileAttributesA
Sleep
LocalFree
GetExitCodeProcess
GetFileSize
CreateThread
CreateFileA
lstrcmpW
GetCPInfo
ExitProcess
HeapSize
InterlockedExchange
GlobalLock
GetModuleFileNameA
GetModuleHandleW
lstrcmpiA
OutputDebugStringA
GetTickCount
GetCurrentDirectoryW
CreateDirectoryW
WaitForMultipleObjects
GetExitCodeThread
GetCommandLineW
OpenEventW
GetCommandLineA
VirtualAlloc
InitializeCriticalSection
GetUserDefaultLCID
GetConsoleMode
GetLocaleInfoA
GetSystemTimeAsFileTime
WaitForSingleObject
FreeEnvironmentStringsW
WriteFile
FileTimeToLocalFileTime
GetCurrentProcess
FindResourceA
GetComputerNameW
LocalAlloc
SetHandleCount
IsBadReadPtr
MulDiv
FlushFileBuffers
LCMapStringW
GetThreadTimes
GetCurrentThreadId
OutputDebugStringW
InterlockedDecrement
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
RaiseException
TlsGetValue
CreateDirectoryA
RtlUnwind
QueryPerformanceCounter
VirtualQuery
OpenMutexW
ReadFile
EnterCriticalSection
GetProcessHeap
GlobalAlloc
SetLastError
FormatMessageA
lstrcatA
TlsFree
TlsAlloc
GetACP

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 512B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e12afb73cf03655c07c0ba4f85523064

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

BSS Size: 512B - Virtual size: 2.9MB

BSS Size: 4.9MB - Virtual size: 4.9MB

.tls Size: - Virtual size: 20KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

BSS
Size: 512B - Virtual size: 2.9MB

BSS
Size: 4.9MB - Virtual size: 4.9MB

.tls
Size: - Virtual size: 20KB

.rsrc
Size: 17KB - Virtual size: 16KB