Static task: static1
Behavioral task: behavioral1
Sample: 36d3a844bf3f7d944f2cba7c5f71878a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 36d3a844bf3f7d944f2cba7c5f71878a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 36d3a844bf3f7d944f2cba7c5f71878a_JaffaCakes118
Size: 601KB
MD5: 36d3a844bf3f7d944f2cba7c5f71878a
SHA1: 0975e2e1ed1e3193b09eb43f1088670621019b08
SHA256: 2d21b57bdfcf75c25002c070b64175a0ed1cbf2b667b42ff03b412a664c9d787
SHA512: 30320d8a91a29a84f8933092634c63d88f516968043006b3e85a74be5e7c9ad3d0c5c38daa60090e63069881f6373a8946e193eb240b686b3c0329973906a82e
SSDEEP: 12288:0uQ2c3zHxPJdYAcZMwOWraow5wu/UYyDav1:0uQzHVJdYHauywpiv1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36d3a844bf3f7d944f2cba7c5f71878a_JaffaCakes118
Files
36d3a844bf3f7d944f2cba7c5f71878a_JaffaCakes118.exe windows:4 windows x86 arch:x86
7dbd0e8792734331abae86bb61ab76d0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetTickCount
ScrollConsoleScreenBufferA
GetPrivateProfileSectionW
GetSystemInfo
DuplicateHandle
IsBadWritePtr
ConnectNamedPipe
LocalAlloc
WritePrivateProfileStructA
GetShortPathNameA
SetSystemTime
SetEndOfFile
VirtualFree
SetCommTimeouts
EnumResourceNamesA
EnumSystemCodePagesW
PrepareTape
SetCurrentDirectoryA
ExpandEnvironmentStringsW
VirtualAllocEx
GlobalFree
FlushFileBuffers
GetBinaryTypeW
GetFileInformationByHandle
OutputDebugStringW
LocalReAlloc
GetComputerNameW
PeekNamedPipe
GetAtomNameA
CreateDirectoryW
SetFileTime
SetNamedPipeHandleState
OpenMutexA
SetEvent
CreateEventA
QueryDosDeviceA
DeleteFiber
GlobalAddAtomW
_lclose
GetCommConfig
GetLocaleInfoW
EraseTape
WriteConsoleOutputW
GetLargestConsoleWindowSize
GetPrivateProfileStringA
RaiseException
GetCommState
AllocConsole
GetCurrentDirectoryW
SetVolumeLabelA
CreateWaitableTimerA
comdlg32
GetOpenFileNameA
GetOpenFileNameW
ws2_32
WSASetBlockingHook
ntohl
WSAGetQOSByName
WSASetServiceW
select
gethostbyaddr
getprotobyname
user32
LoadMenuA
SetUserObjectSecurity
SetDlgItemTextW
GetSystemMenu
AppendMenuA
EnableWindow
PtInRect
MapWindowPoints
EnumDisplaySettingsExA
LoadMenuW
EnumDisplaySettingsA
GetClipboardOwner
InsertMenuA
AttachThreadInput
DefFrameProcA
SetWindowsHookExA
GetDlgCtrlID
CopyAcceleratorTableW
msvcrt
_setmbcp
isalpha
_spawnlp
_ismbcspace
abort
_fdopen
fclose
fgetwc
rewind
_wchmod
atoi
fopen
_wcsicmp
free
vfwprintf
isspace
frexp
_endthread
_wspawnv
fscanf
_mbsrchr
Sections
.text Size: 3KB - Virtual size: 251KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 303KB - Virtual size: 302KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ