36b538af944e92ad3f4b5380c703b6ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36b538af944e92ad3f4b5380c703b6ec_JaffaCakes118
Size

146KB
MD5

36b538af944e92ad3f4b5380c703b6ec
SHA1

2557ce63ee0e9cbea4df4c853230ccb63d890569
SHA256

58b83eebc87bda4e3a71772e4eda9fd6358b374b3a105a0941402c7310a51ae9
SHA512

f47ca866112d8f5cba9181f1e0c06a61a479a4d2dd17a5e564493aa2103451a7521dc16576bee1af409715d443cf0a048b3a9c1dbb5f4f59c890038941e85787
SSDEEP

3072:k6n1V3FLii0SbvAXcSmUqxjRRFVcn6uXrucJRQLItqTTg7KZb:kOHiCbqcSrq1RRwVXrUkn2Zb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b538af944e92ad3f4b5380c703b6ec_JaffaCakes118

Files

36b538af944e92ad3f4b5380c703b6ec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e66eca66f75d15d94e62ad67bf328f3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\ftBstXz\ipcvsjztGpVr\jtyjBJOdaOC\flWDahaWavuc.pdb

Imports

shlwapi

StrToIntW

user32

DrawTextExW
CharUpperW
InflateRect
GetMenuState
CharToOemA
InSendMessageEx
LoadMenuA
GetDoubleClickTime
CascadeWindows
RegisterHotKey
OffsetRect
InternalGetWindowText
SetActiveWindow
SetScrollInfo
IsCharAlphaW
ClientToScreen
GetClassInfoExW
AdjustWindowRectEx
RegisterWindowMessageA
SetWindowRgn
GetCursorPos
CreateIconFromResource
SetUserObjectInformationW
GetClassInfoExA
FindWindowW
SetRect
DrawFocusRect
DispatchMessageA
GetSystemMetrics
GetDC
SetWindowPos
CallWindowProcA
GetNextDlgTabItem
GetTopWindow
EqualRect
ClipCursor
DialogBoxParamW
ChildWindowFromPointEx
CharUpperBuffA
ShowCaret
GetScrollRange
DragObject
SystemParametersInfoW
CreateDialogParamW
CharNextW
SetScrollRange
CheckDlgButton
UnionRect
OpenDesktopW
ExitWindowsEx
DrawStateA
GetClassLongA
SetWindowPlacement
TileWindows
IsRectEmpty
GetSubMenu
EnableWindow
SendMessageA
RemovePropW
GetMenuCheckMarkDimensions
ShowScrollBar
GetClassNameW
GetWindowTextA
ShowOwnedPopups
DrawStateW
LoadIconW
BeginPaint
FindWindowExA
IsWindowUnicode
LoadAcceleratorsW
wsprintfW
WaitForInputIdle
GetMenuItemCount
DefFrameProcA
GetWindowLongA
FrameRect
TranslateAcceleratorW
SendInput
LoadStringW
CreateDialogIndirectParamW
AllowSetForegroundWindow
DrawEdge
MessageBoxExW
RegisterClassExW
IsChild
DialogBoxIndirectParamA
GetDialogBaseUnits
ReleaseDC
GetWindowRect
DestroyWindow
GetDlgItemTextW
IsZoomed
SetMenu
MoveWindow
RegisterWindowMessageW
MonitorFromRect
DrawMenuBar
TranslateMessage
InSendMessage
GetWindowDC
ChangeMenuW
PostMessageW
GetMenuItemRect
wsprintfA
GetMessageExtraInfo
EnableScrollBar
DialogBoxIndirectParamW
GetMessagePos
MapVirtualKeyW
FindWindowA
GetMonitorInfoW
CreatePopupMenu
DrawIcon
ShowCursor
DestroyCaret
SetWindowLongW
PostThreadMessageW

comctl32

InitCommonControlsEx
PropertySheetW
ImageList_GetImageCount
ImageList_Create
ImageList_Remove
DestroyPropertySheetPage

kernel32

lstrlenA
GetCommandLineA
SetSystemTime
CreateWaitableTimerW
lstrcmpiA
IsDBCSLeadByteEx
GetModuleFileNameW
GetCurrentThreadId
CreateThread
GetFileSize
MoveFileA
VirtualFree
IsBadReadPtr
DisconnectNamedPipe
GetComputerNameExA
GetSystemWindowsDirectoryW
GlobalDeleteAtom
HeapCreate
HeapValidate
GetComputerNameExW
lstrcpynA
CreateDirectoryA
CreateNamedPipeW
GetOEMCP
IsBadStringPtrW
ReleaseMutex
CopyFileW
UnhandledExceptionFilter
LCMapStringW
FindFirstFileW
EnumResourceNamesW
FileTimeToLocalFileTime
MapViewOfFile
SetHandleInformation
CompareFileTime
GlobalCompact
LoadLibraryExW
LocalFree
lstrcatW
VirtualAlloc
ConnectNamedPipe
GetSystemDefaultUILanguage
VirtualProtect
DuplicateHandle
EnumResourceLanguagesA
GetSystemWindowsDirectoryA
LoadLibraryA
GetTempPathW
SizeofResource
GlobalLock
GetVersionExA
GlobalMemoryStatusEx
OpenFileMappingW
lstrcpyA
GetStdHandle
lstrcmpA

msvcrt

fclose
_controlfp
floor
wcschr
perror
swprintf
__set_app_type
__p__fmode
localtime
__p__commode
putchar
_amsg_exit
getenv
isdigit
_initterm
wcsrchr
setvbuf
wcstod
atol
_ismbblead
_XcptFilter
system
islower
_exit
strpbrk
wcslen
_cexit
strcpy
iswspace
remove
free
time
__setusermatherr
isspace
wcstombs
fgetc
__getmainargs
isalnum
printf
vsprintf
iswdigit
isalpha
wcscpy
wcscat
clearerr
fgets
strspn

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.insec
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inmin
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 512B - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e66eca66f75d15d94e62ad67bf328f3b

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comctl32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.bit Size: 1KB - Virtual size: 1KB

.insec Size: 6KB - Virtual size: 5KB

.inmin Size: 512B - Virtual size: 86B

.wall Size: 512B - Virtual size: 126KB

.zdata Size: 13KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 112KB - Virtual size: 112KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.bit
Size: 1KB - Virtual size: 1KB

.insec
Size: 6KB - Virtual size: 5KB

.inmin
Size: 512B - Virtual size: 86B

.wall
Size: 512B - Virtual size: 126KB

.zdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 112KB - Virtual size: 112KB

.reloc
Size: 1KB - Virtual size: 1KB