36b6070095082f8a0d90c1bf114ffa96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36b6070095082f8a0d90c1bf114ffa96_JaffaCakes118
Size

501KB
MD5

36b6070095082f8a0d90c1bf114ffa96
SHA1

6021a5ad3566ae2d6e17e7a5b0517331f3be1897
SHA256

2b2bd0cc77a1560ff71927275cb16f111b3e791ce2623346ed082798bcc6acc7
SHA512

0b6c446a62d8cdb6cd4f2840463230cca768ef909f079d377a8203da79d4c58ec2c344ac5b6bbf66842c42075037ef2caf2001617b187126b9353168da387134
SSDEEP

6144:N77xzGTljoKbT210oFFUPRnx8HKsD6VsceTNZtEZTu0LT5JlafYDaeeuMKDpN2Jn:BOo+KfFUPAHasAn50YlevKl0wp9OGH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b6070095082f8a0d90c1bf114ffa96_JaffaCakes118

Files

36b6070095082f8a0d90c1bf114ffa96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5198f2c735fe7bf794eb5aa44df256ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetSystemMetrics
ReplyMessage
SetScrollInfo
LoadIconW
GetWindowDC
RegisterClassA
WindowFromDC
SetLastErrorEx
SetRect
GetMessageW
FrameRect
RegisterClassExA
UnhookWindowsHookEx
DdeClientTransaction
ChangeMenuA
SetWindowRgn
UnregisterClassA
SetSysColors
RegisterDeviceNotificationW
wvsprintfW
SetWindowsHookA
GetMessageExtraInfo

kernel32

DeleteAtom
GetTickCount
SetFilePointer
GetLocaleInfoW
OutputDebugStringW
VirtualAlloc
GetModuleFileNameW
GetStringTypeA
MultiByteToWideChar
GetCurrentProcessId
IsBadWritePtr
VirtualQuery
WritePrivateProfileStringW
GetUserDefaultLCID
GetEnvironmentStrings
GetACP
SetStdHandle
LeaveCriticalSection
GetVersionExA
GetEnvironmentStringsW
EnumDateFormatsW
GetStringTypeW
GetOEMCP
FreeEnvironmentStringsW
ExpandEnvironmentStringsW
LCMapStringA
HeapAlloc
SetLastError
TlsAlloc
ExitProcess
GetFileType
GetCurrentThreadId
HeapSize
SetEnvironmentVariableA
ResumeThread
GetTimeFormatA
LoadLibraryA
TlsSetValue
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetCommandLineA
CreateMutexA
GetCurrentThread
RaiseException
OpenMutexA
LCMapStringW
ReadFile
RtlUnwind
GetCurrentProcess
HeapFree
TerminateProcess
InterlockedExchange
SetCurrentDirectoryA
GetShortPathNameA
GetStdHandle
FlushFileBuffers
CompareStringA
TlsFree
VirtualFree
FreeEnvironmentStringsA
WriteFile
GetCPInfo
EnumDateFormatsA
DeleteCriticalSection
GetDateFormatA
GetLastError
GetModuleHandleA
CloseHandle
GetThreadPriority
TlsGetValue
HeapCreate
CreateProcessA
GetProfileStringA
GetStartupInfoW
GetCommandLineW
QueryPerformanceCounter
GetProcAddress
HeapDestroy
WideCharToMultiByte
IsValidLocale
UnhandledExceptionFilter
VirtualProtect
CompareStringW
GetStartupInfoA
LocalCompact
EnterCriticalSection
GetLocaleInfoA
SetWaitableTimer
WaitForMultipleObjects
InitializeCriticalSection
SetHandleCount
HeapReAlloc
ExpandEnvironmentStringsA
IsValidCodePage
GetModuleFileNameA
GetSystemInfo
GetTimeZoneInformation

wininet

RegisterUrlCacheNotification
GopherGetAttributeA
InternetWriteFileExA
GopherGetLocatorTypeW
RetrieveUrlCacheEntryFileW

gdi32

RemoveFontResourceA
GetTextExtentPointW
ExtTextOutW
CombineTransform
GetMetaFileW
SelectObject
SetSystemPaletteUse
RectVisible
EnumFontFamiliesExW
GetDIBits
GetWindowExtEx
CreateFontA
CreateRectRgn
CreateDCA
EndPage
EqualRgn
SetBkColor

shell32

SHGetPathFromIDListW
SHBrowseForFolderA
ShellExecuteExW

advapi32

CryptSignHashA
LogonUserW
AbortSystemShutdownA
RegEnumKeyExW
RegDeleteKeyA
ReportEventA
CryptSetHashParam
RegRestoreKeyW
RegEnumKeyA
CryptImportKey
RegLoadKeyW
CryptEnumProvidersW
LookupAccountSidA
StartServiceW
CryptDuplicateHash

Sections

.text
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5198f2c735fe7bf794eb5aa44df256ae

Headers

File Characteristics

Imports

comctl32

user32

kernel32

wininet

gdi32

shell32

advapi32

Sections

.text Size: 326KB - Virtual size: 326KB

.rdata Size: 60KB - Virtual size: 66KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 326KB - Virtual size: 326KB

.rdata
Size: 60KB - Virtual size: 66KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 10KB - Virtual size: 9KB