36b811be771bc40676e1ae1379ae694a_JaffaCakes118

General

Target

36b811be771bc40676e1ae1379ae694a_JaffaCakes118
Size

194KB
MD5

36b811be771bc40676e1ae1379ae694a
SHA1

946fd84f92fbb63f8bf7d35481cba97d0e67ee13
SHA256

cd125d197b362fcd3ad2afae595c25a2d7a8298d50121bc0cf2f4c821aa7bad6
SHA512

ea908c09bf64191bfa5a992169df29bb7e92b574eee3136edc4781f97e3d4784f5cfe3b9bc0895dc68678db25368a83dbf9974e960054fdd8690d6648f96b2e0
SSDEEP

6144:1M55lf9pyw+L9YK+b/b1bLqV9dJG7KRPIlnnxw:144LObIE7KRPI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b811be771bc40676e1ae1379ae694a_JaffaCakes118

Files

36b811be771bc40676e1ae1379ae694a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fc725aa47b7da4884abcba710bad7fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

GetWindowLongA
GetParent
SetWindowLongA
GetClientRect
IsChild
InvalidateRect
SetWindowRgn
IntersectRect
RegisterClassExA
LoadCursorA
PtInRect
SetWindowPos
IsWindow
RealGetWindowClassA
GetDC
wsprintfA
CallWindowProcA
CharNextA
ReleaseDC
SetFocus
GetKeyState
UnregisterClassA
BeginPaint
GetFocus
DefWindowProcA
GetClassInfoExA
EndPaint
ShowWindow
CreateWindowExA
EqualRect
UnionRect
OffsetRect
DestroyWindow

kernel32

CreateFiber
RtlUnwind
HeapDestroy
UnhandledExceptionFilter
GetProcAddress
VirtualFree
VirtualAlloc
InterlockedCompareExchange
HeapSize
GetCommandLineA
SuspendThread
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemInfo
GetLocaleInfoA
EnumResourceNamesA
HeapCreate
GetACP
SetThreadPriority
TerminateProcess
LoadLibraryA
VirtualProtect
SetUnhandledExceptionFilter
ExitProcess
VirtualQuery
HeapReAlloc
WriteFile

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fc725aa47b7da4884abcba710bad7fd

Headers

File Characteristics

Imports

setupapi

user32

kernel32

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 76KB