36a77fb62c6dee86344d1a3a2d663603_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36a77fb62c6dee86344d1a3a2d663603_JaffaCakes118
Size

485KB
MD5

36a77fb62c6dee86344d1a3a2d663603
SHA1

799b4935d7155fe6af51f686f1784cd2a5aaf4f9
SHA256

f5e7e7bd3fbdd47a4b913618cfc544547f102f24758c3e9d787b62a30341b934
SHA512

66a08f5613123c6c1ca9362055cc99541fa50ea58dbe0ba6d3a37984c67bc5386405aea0e0ccc04ecc08d5fe9f509c4db48e7e8d1fb2eb848c4659a38660c500
SSDEEP

12288:7zLQnzmRuxQb6DUZvWSIMC5iBcuhgkjOA:3MS0QbI8Ozl5YnhGA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a77fb62c6dee86344d1a3a2d663603_JaffaCakes118

Files

36a77fb62c6dee86344d1a3a2d663603_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fce6f75e7447ab9008af9757a99206e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\JKGC

Imports

kernel32

OpenMutexA
FlushFileBuffers
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetConsoleMode
TerminateProcess
GetCurrentThreadId
UnhandledExceptionFilter
GetProcessHeap
ExitProcess
CreateMutexA
GetCurrentProcessId
InterlockedDecrement
ReadFile
IsValidLocale
CloseHandle
HeapAlloc
GetFileType
GetTickCount
TlsGetValue
SetFilePointer
CompareStringW
GetLastError
GetStringTypeA
EnumSystemLocalesA
CreateFileA
HeapReAlloc
GetCurrentThread
QueryPerformanceCounter
GetTimeFormatA
GetProcAddress
SetLastError
InterlockedExchange
TlsSetValue
VirtualQuery
IsDebuggerPresent
LCMapStringA
RtlUnwind
CompareStringA
GetCommandLineA
GetTimeZoneInformation
GetACP
GetCurrentProcess
GetLocaleInfoW
GetStdHandle
SetEnvironmentVariableA
GetConsoleCP
GetDateFormatA
GetOEMCP
FreeEnvironmentStringsW
lstrcmpi
LCMapStringW
GetStartupInfoA
GetModuleFileNameA
GetSystemTimeAsFileTime
SetStdHandle
DeleteCriticalSection
GetVersionExA
HeapDestroy
WriteConsoleA
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
InitializeCriticalSection
TlsAlloc
HeapSize
GlobalHandle
MultiByteToWideChar
GetEnvironmentStringsW
LoadLibraryA
GetCPInfo
LeaveCriticalSection
SetConsoleCtrlHandler
Sleep
FreeLibrary
SetUnhandledExceptionFilter
WriteFile
ReadConsoleOutputA
GetConsoleOutputCP
VirtualFree
TlsFree
VirtualAlloc
GetModuleHandleA
WideCharToMultiByte
SetHandleCount
WriteConsoleW
EnterCriticalSection
HeapFree
GlobalFix
InterlockedIncrement
IsValidCodePage

comctl32

InitCommonControlsEx

user32

GetSysColor
ChangeDisplaySettingsExA
SetCaretBlinkTime
DdeCreateStringHandleW
CheckMenuRadioItem
RegisterClassExA
MsgWaitForMultipleObjectsEx
UnregisterClassA
GetMenuItemRect
OpenInputDesktop
CreateWindowExA
SetClassLongA
GetMessageW
PostThreadMessageW
MessageBoxA
DdeAddData
ModifyMenuA
AnimateWindow
DrawEdge
RegisterClassA
ShowWindow
DlgDirListComboBoxW

Sections

.text
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fce6f75e7447ab9008af9757a99206e

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 318KB - Virtual size: 318KB

.rdata Size: 47KB - Virtual size: 66KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 318KB - Virtual size: 318KB

.rdata
Size: 47KB - Virtual size: 66KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 13KB - Virtual size: 12KB