36e314598bcbed1a09a4e12de4ebaceb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36e314598bcbed1a09a4e12de4ebaceb_JaffaCakes118
Size

138KB
MD5

36e314598bcbed1a09a4e12de4ebaceb
SHA1

125951bd8fbfc5b032ba41a8207270a81f9e2677
SHA256

c8b31add91c4812f2a3f70bfa9f697f9d668081f969765d7d39cf3061343b953
SHA512

b9d08ec4865b9931ba0560a1d3e9110151efb72706d08bbe08f6b1ece62d1b85f65d9e356cc026c32baee2339d59f08e9e812fe70242a8dadfd9978611065ed1
SSDEEP

3072:i8PbbeIhRziTfXJnS4BkJPep4Mbre6pr+F8adrmAA:imCSziTRnfRnHeLpNm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36e314598bcbed1a09a4e12de4ebaceb_JaffaCakes118

Files

36e314598bcbed1a09a4e12de4ebaceb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetNumberFormatW
RtlUnwind
lstrcmpW
OutputDebugStringA
CreateConsoleScreenBuffer
GetCurrentDirectoryA
CreateActCtxW
VirtualAlloc
GetLastError
ExitThread
SetErrorMode
GetACP
GetModuleHandleA
LoadLibraryW
CreateMutexA
GlobalFree
DeleteFileA
HeapFree
VirtualProtect
GetTimeFormatW
CreateProcessA
VirtualFree
FindNextFileW
DeleteVolumeMountPointA
GetProcAddress

msvcrt

wcstol
__CxxFrameHandler
towupper
wcsrchr
_XcptFilter
iswlower
memcpy
_wtoi
printf
_wcsicmp
_wcsnicmp
swscanf
strncpy
toupper
atoi
wcstok
wcscmp
wcsncpy
_wcmdln
__setusermatherr

user32

GetMenuItemCount
wsprintfW
MapWindowPoints
CheckDlgButton
ReleaseCapture
SetScrollPos
ReleaseDC
GetCursorPos
LoadCursorA
ScreenToClient
LoadMenuW
IsWindow
GetParent
RegisterClassA
UnregisterClassW
DestroyWindow
LoadCursorW
DialogBoxParamA
SetCapture
DispatchMessageW
GetProcessWindowStation
LoadImageW
SendMessageA
CopyRect
SendMessageW
BeginPaint
ClientToScreen

gdi32

PatBlt
RestoreDC
SetTextColor
CreateBitmap
TranslateCharsetInfo
CreateCompatibleDC
CreateFontIndirectW
Rectangle
SetBkMode
StretchBlt

opengl32

glTexCoord2d
glColor4i
glStencilMask
GlmfBeginGlsBlock
glFogfv
glColor3ui
wglShareLists
glColor4d
glTexCoord2dv
glColor4f

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 106B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 106B