36a054cb39f82529a99e95c0e5cd6a42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36a054cb39f82529a99e95c0e5cd6a42_JaffaCakes118
Size

75KB
MD5

36a054cb39f82529a99e95c0e5cd6a42
SHA1

e1359901cddd6775191b79b7ba9bfd7a1c070dec
SHA256

0b422357985fb50464cc83861b1e1c3f8eab7c630ae3e43d9a19fb16bb2652ea
SHA512

3eee72b7015ed98f49bb5e357c3c27d1cb7a14a08c05b03787d251522e34590f8c4b88c8d35e25790492bfebe256b1ca5f23a22cae39d19dc9692badfb8b4c67
SSDEEP

1536:jLSvgZ3bT69+m3hc1rCDQ3JDTuU02Vu/QtugrAKskngPc4GM:j+vIw+m3hc1rr+2VyQprA1RPr7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a054cb39f82529a99e95c0e5cd6a42_JaffaCakes118

Files

36a054cb39f82529a99e95c0e5cd6a42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a39e1e18023e995c3ef0965ffb52e18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

kernel32

InitializeCriticalSection
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
CompareFileTime
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleA
lstrlenW
lstrlenA
FreeLibrary
LoadLibraryA
MoveFileA
GetWindowsDirectoryA
SetEvent
CreateEventA
CopyFileExA
GetSystemDirectoryA
GetCurrentProcessId
CreateDirectoryA
GetFileAttributesA
GetCurrentThread
GetThreadPriority
GetCurrentThreadId
GetLocalTime
GetCurrentDirectoryA
CreateMutexA
Sleep
lstrcpynA
GetShortPathNameA
lstrcmpiA
LocalFree
GetEnvironmentStringsW
GetStartupInfoA
CopyFileA
FileTimeToSystemTime
RemoveDirectoryA
SystemTimeToFileTime
GetLastError
MultiByteToWideChar
IsValidCodePage
QueryPerformanceCounter
GetTickCount
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GetCurrentProcess
IsValidLocale
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
IsBadWritePtr
GetSystemInfo
ExitProcess
GetCPInfo
HeapCreate
CreateMutexW
GetProcAddress

user32

CharPrevA
PostMessageA
MessageBoxA
CharUpperA
GetSystemMetrics
ActivateKeyboardLayout
GetDlgItemTextW
RegisterWindowMessageA
RegisterClassExA
CharNextW
SetWindowLongW
GetWindowRgn
LoadBitmapW
SetActiveWindow
DefWindowProcA
CharLowerA
GetTopWindow
GetCaretPos
GetMenuState
GetClassInfoW
GetClassInfoExW
CopyIcon
CreateDialogIndirectParamA
LoadImageW
ShowCursor
wsprintfA
LoadBitmapA
SetTimer
mouse_event
EndDialog
SetWindowPos
SendDlgItemMessageA
CharUpperW
CreateAcceleratorTableW
DialogBoxIndirectParamA
CharLowerW

advapi32

IsTextUnicode
ImpersonateLoggedOnUser
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocStringByteLen
SysAllocString

shlwapi

PathFileExistsA
PathRemoveFileSpecA

query

DoneCIISAPIPerformanceData

duser

GetGadgetRgn
ForwardGadgetMessage
GetGadgetProperty
GetStdColorI
GetStdPalette
GetGadgetAnimation
DUserGetScalePRID
GetStdColorF
BuildAnimation
UtilSetBackground
DUserRegisterGuts
UtilDrawOutlineRect
UtilGetColor
GetStdColorPenI
SetGadgetRotation
IsInsideContext
FindStdColor
GetGadgetSize
GetGadgetRootInfo
EnumGadgets
GetGadgetRotation
DUserSendEvent

gdi32

DeleteObject
UpdateICMRegKeyA
RemoveFontResourceExW
ExtCreateRegion
CreateScalableFontResourceA
CreateFontA
CreateBitmapIndirect

Sections

.icode
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TeV
Size: 2KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VXA
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a39e1e18023e995c3ef0965ffb52e18

Headers

File Characteristics

Imports

wininet

version

iphlpapi

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

query

duser

gdi32

Sections

.icode Size: 5KB - Virtual size: 4KB

.TeV Size: 2KB - Virtual size: 157KB

.text Size: 16KB - Virtual size: 20KB

.rdata Size: 5KB - Virtual size: 21KB

.edata Size: 8KB - Virtual size: 78KB

.data Size: 6KB - Virtual size: 344KB

.edata Size: 7KB - Virtual size: 41KB

.VXA Size: 2KB - Virtual size: 137KB

.rsrc Size: 22KB - Virtual size: 21KB

.icode
Size: 5KB - Virtual size: 4KB

.TeV
Size: 2KB - Virtual size: 157KB

.text
Size: 16KB - Virtual size: 20KB

.rdata
Size: 5KB - Virtual size: 21KB

.edata
Size: 8KB - Virtual size: 78KB

.data
Size: 6KB - Virtual size: 344KB

.edata
Size: 7KB - Virtual size: 41KB

.VXA
Size: 2KB - Virtual size: 137KB

.rsrc
Size: 22KB - Virtual size: 21KB