36a85d7a1ec8c7368a3c8c0b3cf753ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36a85d7a1ec8c7368a3c8c0b3cf753ff_JaffaCakes118
Size

521KB
MD5

36a85d7a1ec8c7368a3c8c0b3cf753ff
SHA1

797a45657fe17367e009d32c1643dd4aff1d50a6
SHA256

af3697990ffa835756c1d404ce31889260338dc009b0b904376dd92916010352
SHA512

9394b9dd60a05adc6ab1804786d0acac2d975efc5c662e618d5b2edb93e75d6a6f6ccdebfaa64b315804739b2c192334fe053b3d771aeaa126bd08970084ad1a
SSDEEP

12288:tnmGzUi+TJRowaC3Wf0hOwSi+IEA3/pofYvbhjInH8au9vqX2w:tuiGhaCHeAPpofYtK52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a85d7a1ec8c7368a3c8c0b3cf753ff_JaffaCakes118

Files

36a85d7a1ec8c7368a3c8c0b3cf753ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11496688b91fd2db9cb7e9f229e15ec6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ReplaceTextW

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderPathA
DragAcceptFiles
SHGetInstanceExplorer
ShellAboutA

user32

FindWindowExW
PaintDesktop
RegisterClassExA
CreateIconFromResourceEx
RegisterClassA
CheckRadioButton
GetDoubleClickTime

kernel32

TlsSetValue
HeapAlloc
TerminateProcess
IsValidCodePage
UnhandledExceptionFilter
MultiByteToWideChar
VirtualAlloc
GetLastError
FlushFileBuffers
WriteFile
GetConsoleOutputCP
ContinueDebugEvent
DeleteCriticalSection
SetConsoleCtrlHandler
GetDateFormatA
lstrcpyn
GetProcAddress
QueryPerformanceCounter
WriteConsoleW
FreeEnvironmentStringsW
LoadLibraryA
GetOEMCP
CompareStringA
VirtualFree
GetLocaleInfoA
LocalFree
EnterCriticalSection
GetTimeZoneInformation
GetCommandLineA
RtlUnwind
CloseHandle
IsDebuggerPresent
GetCurrentThread
VirtualQuery
GetACP
GetModuleHandleA
TlsFree
CreateMutexA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetConsoleMode
CompareStringW
InterlockedIncrement
TlsAlloc
LCMapStringW
WideCharToMultiByte
GetEnvironmentStringsW
GetStartupInfoA
GetTickCount
SetLocaleInfoW
OpenMutexA
WriteConsoleA
GetVersionExA
GetConsoleCP
HeapDestroy
InterlockedDecrement
GetFileType
SetHandleCount
EnumSystemLocalesA
HeapFree
SetFilePointer
FreeLibrary
ExitProcess
GetLocaleInfoW
SetLastError
GetCurrentProcessId
InterlockedExchange
GetEnvironmentStrings
LeaveCriticalSection
GetNamedPipeHandleStateW
LCMapStringA
HeapReAlloc
GetCurrentProcess
IsValidLocale
SetStdHandle
GetStdHandle
HeapCreate
GetTimeFormatA
CreateFileA
GetModuleFileNameA
GetCurrentThreadId
Sleep
HeapSize
FreeEnvironmentStringsA
InitializeCriticalSection
GetCPInfo
GetStringTypeA
TlsGetValue
GetProcessHeap
ReadFile
GetUserDefaultLCID
GetStringTypeW

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11496688b91fd2db9cb7e9f229e15ec6

Headers

File Characteristics

Imports

comdlg32

comctl32

shell32

user32

kernel32

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 9KB - Virtual size: 20KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 9KB - Virtual size: 20KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 10KB