Static task: static1
Behavioral task: behavioral1
Sample: 36dab910a093433ae12a12c69f185b6b_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 36dab910a093433ae12a12c69f185b6b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 36dab910a093433ae12a12c69f185b6b_JaffaCakes118
Size: 384KB
MD5: 36dab910a093433ae12a12c69f185b6b
SHA1: e1223c7ed0cb967bcd27ba70d1d65bec6e20c70d
SHA256: 69ab5ae56ba93e251db6c632d99c1dfcb7b6faeb38a9c2340114072ff2463bd6
SHA512: 934bed1969293c30653dcf29fbb3612b0408267cf1c82c7f0ed52d02679da55befaa0f836a362129082da11cfb9aff95dabbca5dae7f2c16f682c4cb4ff63afe
SSDEEP: 6144:CbA6d3jtifiHyriyIEEjgB6RqSBlEZdnGMfCnzUM3oAjM7ht2uKFASTgWx9ZM7O9:eA0hi5rGBUeKZgMuTA7daPsgakhfg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 36dab910a093433ae12a12c69f185b6b_JaffaCakes118
Files
36dab910a093433ae12a12c69f185b6b_JaffaCakes118.exe windows:4 windows x86 arch:x86
ccb9239fb119258023a9effb0e7723d7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetupComm
GetProcessHeap
SystemTimeToFileTime
FatalAppExitA
SetErrorMode
WaitNamedPipeA
PeekNamedPipe
WritePrivateProfileSectionA
SetLastError
SizeofResource
OpenFile
GetCPInfo
CompareStringA
SetMailslotInfo
WriteProcessMemory
GetConsoleMode
SuspendThread
GetCommConfig
EnumSystemCodePagesW
lstrcpyA
InitializeCriticalSection
DosDateTimeToFileTime
GetNumberFormatW
GetCommandLineW
CreateIoCompletionPort
GetModuleHandleA
GlobalUnlock
GetFileAttributesExA
UnhandledExceptionFilter
FreeLibraryAndExitThread
GlobalFlags
GetVersion
GetAtomNameA
GetDiskFreeSpaceW
FindFirstFileA
_lclose
FormatMessageA
GetHandleInformation
FindFirstFileExW
SetThreadPriorityBoost
CreateDirectoryExA
VirtualAllocEx
GetTempFileNameA
GlobalAddAtomA
GlobalFree
EnumResourceNamesA
FlushFileBuffers
CreateDirectoryW
CreateMutexW
GetLogicalDriveStringsA
_hread
Beep
GetBinaryTypeW
VirtualProtect
GetCommandLineA
OpenMutexA
ClearCommBreak
ReadConsoleOutputA
SetThreadAffinityMask
GetDriveTypeA
CreateNamedPipeW
SetTimeZoneInformation
LocalAlloc
VirtualFree
SetConsoleActiveScreenBuffer
RemoveDirectoryW
CancelIo
GlobalFindAtomA
LocalLock
GetLongPathNameA
SwitchToFiber
PurgeComm
GetCommState
FillConsoleOutputCharacterA
SetConsoleCursorPosition
GlobalFindAtomW
IsBadReadPtr
GetProfileStringA
SetFileAttributesA
FileTimeToLocalFileTime
GetPrivateProfileStringW
WriteFile
CreateEventA
GetFileInformationByHandle
GetTimeZoneInformation
ExitThread
GetCompressedFileSizeW
GetEnvironmentStringsW
EnumTimeFormatsW
GetSystemInfo
IsValidLocale
GetTapeParameters
VirtualQueryEx
FreeLibrary
PulseEvent
WriteConsoleOutputCharacterA
ReadConsoleA
GetCurrentProcess
GetCommModemStatus
GetVersionExA
SetEndOfFile
ExitProcess
user32
ActivateKeyboardLayout
CreateDesktopW
SetWindowTextA
GetUserObjectInformationW
LoadIconW
GetSystemMenu
RegisterDeviceNotificationA
EndDialog
GetKeyboardType
SetForegroundWindow
LoadKeyboardLayoutW
ChangeClipboardChain
CreateAcceleratorTableW
CopyImage
MessageBeep
GetSystemMetrics
GetClassLongW
UnhookWindowsHookEx
InflateRect
PostMessageA
UnhookWinEvent
AdjustWindowRectEx
SubtractRect
InvalidateRgn
DestroyWindow
MapVirtualKeyA
GetScrollRange
DefDlgProcA
GetClassNameW
LoadStringA
SetMenuItemInfoA
gdi32
GetOutlineTextMetricsW
SetBkMode
DescribePixelFormat
CreateICW
CreateDiscardableBitmap
GetNearestPaletteIndex
SetTextColor
GetGlyphOutlineA
ExtTextOutW
FillPath
comdlg32
GetOpenFileNameW
PrintDlgW
advapi32
CryptExportKey
SetSecurityDescriptorDacl
CryptSetProvParam
OpenEventLogW
SetSecurityDescriptorOwner
QueryServiceLockStatusW
CryptDestroyHash
SetFileSecurityA
CryptSetHashParam
LookupPrivilegeValueA
RevertToSelf
RegRestoreKeyW
StartServiceCtrlDispatcherW
LookupAccountSidW
DuplicateTokenEx
LookupAccountNameA
RegEnumValueA
RegQueryValueExA
QueryServiceConfigW
CryptVerifySignatureA
FreeSid
NotifyBootConfigStatus
GetSecurityDescriptorDacl
UnlockServiceDatabase
RegisterEventSourceW
AdjustTokenPrivileges
AddAce
DestroyPrivateObjectSecurity
RegSetValueExW
StartServiceCtrlDispatcherA
ReportEventW
NotifyChangeEventLog
RegOpenKeyA
OpenServiceA
RegLoadKeyW
shell32
SHBrowseForFolderA
SHGetDesktopFolder
ExtractIconA
ole32
OleRegGetMiscStatus
OleCreateMenuDescriptor
CoGetInterfaceAndReleaseStream
ProgIDFromCLSID
OleIsRunning
PropVariantCopy
CoMarshalInterface
oleaut32
LoadTypeLibEx
SysStringLen
SetErrorInfo
QueryPathOfRegTypeLi
SysAllocStringLen
shlwapi
PathQuoteSpacesA
StrCatBuffA
Sections
.text Size: 332KB - Virtual size: 331KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE