36bc8d3e851bdec48a2047003ebe0803_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36bc8d3e851bdec48a2047003ebe0803_JaffaCakes118
Size

112KB
MD5

36bc8d3e851bdec48a2047003ebe0803
SHA1

cecd48eeffc2b2ffc8d555c0d9a1bb3a2353e910
SHA256

7566368e1ab3ac2c13073f8aee459692f40fe564ca3738fc5d5edf072d1ee20f
SHA512

67561fd2591e3f16bd00742d3bfe7b01714d0b3bd23a3845975dbb5d2731cb5e12bb55e5b05ce2ac3a29bd235c64386c571daeb061d74a869facac9705297c05
SSDEEP

3072:fZeFDhceUo1yeBGHeIz1GYbQs750dcPhUIivrU:xeRUoc+IPUCZUO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36bc8d3e851bdec48a2047003ebe0803_JaffaCakes118

Files

36bc8d3e851bdec48a2047003ebe0803_JaffaCakes118
.dll windows:5 windows x86 arch:x86

74132b19386258006218f24618940e16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\OsATCmb\Rtlru\rLUXof.pdb

Imports

kernel32

GetStartupInfoA
GetProcAddress
LockResource
GetHandleInformation
lstrcmpiW
GetPriorityClass
LoadLibraryW
OpenSemaphoreW
GetThreadTimes
IsValidLanguageGroup
Sleep
EnumResourceLanguagesA
lstrlenW

comdlg32

CommDlgExtendedError
PageSetupDlgW
ReplaceTextW
ChooseFontW

comctl32

CreateToolbarEx
InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetIconSize

user32

GetPropW
SetTimer
GetActiveWindow
GetMenuItemCount
wsprintfW
LoadMenuW
CharNextA
ChildWindowFromPointEx
CharLowerA
TranslateMessage
DialogBoxParamA
IsCharUpperA
ShowScrollBar
GetWindowLongW

shlwapi

StrCmpNW

gdi32

PtVisible
CreatePalette
RealizePalette
CreateSolidBrush
CreateDCW
CreatePolygonRgn

Exports

Exports

?rkMCcriNkhErqYtfhbgRh@@YGPAJGD@Z
?exarliksxgsfrwmcvoqa@@YGPAXEE@Z
?UAxTmbvTlZxbaBib@@YGIJJ@Z
?gkljhhwbyuJvzY@@YGDN@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 215B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74132b19386258006218f24618940e16

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

comctl32

user32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 215B

.temp Size: 76KB - Virtual size: 76KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 215B

.temp
Size: 76KB - Virtual size: 76KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB