Static task
static1
Behavioral task
behavioral1
Sample
36574e14f76135c8131e92a4645778dc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
36574e14f76135c8131e92a4645778dc_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
36574e14f76135c8131e92a4645778dc_JaffaCakes118
-
Size
97KB
-
MD5
36574e14f76135c8131e92a4645778dc
-
SHA1
09144e7c9549ce801246d0e35b523df9e0b23abe
-
SHA256
31da67ed1a7aac62478b23daf3fbdc570cb60a92d7595aa4097886449fda779e
-
SHA512
e4cdc20957e6603557fe009b6843d3e92d08bdf2beb9f22ab0091d6fdc299738d5f924aa40a76d6455983879924f3e244f0acc1a3568026a89aaee1b630287a5
-
SSDEEP
1536:ZiNaq1BUkoCRPRKW+9RDQ30xzTQlUzPPEXjmq4KDVmVMiGCYjWQ4u4IJlH:ZKakBUo+9Rc28EPMq10VmVZGhL4JIJt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
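Checks for a missing Authenticode signature. The file is unsigned, so its publisher and integrity cannot be verified from the binary itself; many benign executables are also unsigned, so treat this as a weak indicator to be weighed against the behavioral task results.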
resource 36574e14f76135c8131e92a4645778dc_JaffaCakes118
Files
-
36574e14f76135c8131e92a4645778dc_JaffaCakes118.exe windows:4 windows x86 arch:x86
86825fdf5cec78bfdaa61e8c46e31ea6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
GetSystemDefaultLCID
CreateFileW
ReadFile
CloseHandle
GetShortPathNameA
IsBadWritePtr
TlsAlloc
TlsGetValue
TlsFree
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
CreateThread
GetCurrentThreadId
GetCurrentThread
ResumeThread
SetThreadPriority
ExitThread
FileTimeToLocalFileTime
GetLocaleInfoW
CreateFileA
TlsSetValue
QueryPerformanceCounter
GetACP
CreateProcessA
GetModuleHandleA
SetFileAttributesW
lstrcpyA
lstrlenW
GetTempFileNameA
WriteFile
GetFileSize
TerminateProcess
GetSystemDirectoryW
WaitForMultipleObjects
RaiseException
SetEndOfFile
GetExitCodeProcess
GetSystemDirectoryA
TerminateThread
GetModuleFileNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
LoadLibraryW
LoadLibraryExA
GetProcAddress
GetDiskFreeSpaceA
GlobalLock
CreateFileMappingA
FindFirstFileW
FindNextFileW
FindClose
UnmapViewOfFile
MapViewOfFile
CreateMutexA
ReleaseMutex
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
GetModuleFileNameW
OpenProcess
FindResourceW
FindFirstFileA
FindNextFileA
SetCurrentDirectoryA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCommandLineW
GetFileTime
LocalFree
VirtualAlloc
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeExA
lstrcatA
IsValidCodePage
SetThreadLocale
GetPrivateProfileStringA
VirtualProtect
SetLastError
GetStartupInfoW
WideCharToMultiByte
LocalAlloc
ExpandEnvironmentStringsA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
MulDiv
IsDebuggerPresent
GetFileAttributesA
ExitProcess
GetConsoleOutputCP
CreateDirectoryA
SetFileAttributesA
SetStdHandle
CompareFileTime
LocalFileTimeToFileTime
lstrcmpA
GetVersion
LoadLibraryExW
RemoveDirectoryA
WaitForSingleObject
DeviceIoControl
MoveFileA
CreateEventA
SetEvent
ResetEvent
GetExitCodeThread
GetUserDefaultLCID
CopyFileA
GetStringTypeW
DeleteFileW
GlobalAlloc
InterlockedIncrement
GetVersionExW
GetDriveTypeA
CreateEventW
FileTimeToSystemTime
GetWindowsDirectoryA
GetCurrentProcess
DisableThreadLibraryCalls
GetUserDefaultLangID
lstrcpynA
GetCommandLineA
GetLastError
VirtualQuery
SetFileTime
GlobalHandle
CompareStringA
GetThreadLocale
GetLocalTime
FormatMessageA
OpenMutexA
FlushFileBuffers
GetCurrentDirectoryA
SetHandleCount
InterlockedCompareExchange
GetSystemInfo
GetFileType
IsBadCodePtr
msvcrt
_open
rename
wcstoul
_isatty
memchr
_wcsnicmp
fgetc
atoi
_kbhit
__p__fmode
wcscmp
__initenv
_pctype
bsearch
wcsncpy
strncmp
_read
_initterm
_open_osfhandle
_mbscmp
ungetc
_assert
wcslen
iswctype
_mkdir
atexit
_unlink
_iob
__p__environ
calloc
putchar
towlower
_amsg_exit
strchr
tolower
__CxxFrameHandler
towupper
free
longjmp
srand
_fullpath
_lseeki64
_wtol
_snwprintf
_onexit
_wfopen
abort
_utime
clock
_umask
_strcmpi
_ftol
ceil
ftell
_stat
_setmode
memcmp
wctomb
fopen
wcsrchr
_ultoa
_getch
perror
realloc
signal
wcstol
__set_app_type
strcpy
swscanf
_isctype
_beginthreadex
_dup
_lock
malloc
memcpy
_controlfp
_exit
_putenv
_XcptFilter
fputs
__dllonexit
floor
strstr
iswspace
fputc
fprintf
atol
sqrt
strncpy
vsprintf
puts
__p___initenv
strspn
__getmainargs
__setusermatherr
_filbuf
fflush
_flsbuf
_vsnwprintf
atof
_wcslwr
rewind
_cexit
time
wcscat
__pioinfo
_CIpow
_itoa
fsetpos
_c_exit
_close
isspace
wcsncmp
_chmod
fgets
printf
__p__commode
localtime
wcscspn
_setjmp
strncat
localeconv
clearerr
gmtime
cos
_lseek
setlocale
_write
_snprintf
_wtoi
_adjust_fdiv
_mbsicmp
qsort
_get_osfhandle
_wcsicmp
strpbrk
ctime
_fstat
strtok
strtol
wcstombs
__lc_codepage
fclose
_unlock
_filelengthi64
iswdigit
_mktemp
_vsnprintf
_setjmp3
strcmp
_strlwr
_mbsrchr
isxdigit
wcschr
_purecall
pow
_wcsupr
strtoul
strcat
sin
log
_osver
exit
_stricmp
remove
isleadbyte
getenv
memmove
strcspn
_strdup
__mb_cur_max
fwrite
_dup2
_itow
sscanf
fread
swprintf
_getpid
wcsstr
_errno
_fileno
_strnicmp
memset
toupper
_getcwd
strerror
strlen
_fdopen
__badioinfo
_pipe
_ismbblead
rand
_acmdln
isdigit
fseek
fgetpos
sprintf
strrchr
user32
GetWindowTextA
SetCapture
ScreenToClient
DrawIconEx
FillRect
GetWindow
GetFocus
InvalidateRect
GetScrollInfo
TrackPopupMenu
SetCursor
SendMessageA
SetFocus
IsIconic
SetScrollInfo
DrawEdge
IsZoomed
InsertMenuItemA
DrawFrameControl
GetSysColorBrush
RemoveMenu
GetActiveWindow
GetMessageA
GetScrollPos
SetForegroundWindow
GetMenu
DestroyWindow
KillTimer
SetWindowTextA
LoadStringA
DrawMenuBar
GetMenuItemID
GetKeyboardType
GetSysColor
SystemParametersInfoA
EnableWindow
CreateMenu
DestroyCursor
IsWindowEnabled
IsDialogMessageA
DestroyMenu
InflateRect
GetWindowRect
MapWindowPoints
GetMenuState
GetScrollRange
DialogBoxParamA
GetForegroundWindow
RegisterClassA
WindowFromPoint
EndPaint
PtInRect
CreateWindowExA
PeekMessageA
IsChild
GetSystemMenu
EnableMenuItem
DestroyIcon
BeginPaint
SetWindowLongA
WinHelpA
ReleaseDC
GetSystemMetrics
SetScrollPos
UnhookWindowsHookEx
GetDlgItem
FindWindowA
SetRect
CallNextHookEx
RegisterWindowMessageA
GetMessagePos
GetSubMenu
EndDialog
GetClientRect
EnumWindows
SetScrollRange
CallWindowProcA
GetWindowThreadProcessId
AdjustWindowRectEx
GetWindowPlacement
GetWindowDC
IsWindowVisible
DrawIcon
DeleteMenu
LoadIconA
GetTopWindow
GetClassInfoA
LoadCursorA
MessageBeep
CharNextA
GetIconInfo
ScrollWindow
RegisterClipboardFormatA
DefWindowProcA
GetKeyState
GetMenuItemCount
SetClassLongA
OemToCharA
SetClipboardData
SetTimer
EnumThreadWindows
EmptyClipboard
GetCapture
GetMenuStringA
RedrawWindow
CheckMenuItem
MessageBoxA
GetDC
ReleaseCapture
InsertMenuA
FrameRect
CharLowerA
UnregisterClassA
PostQuitMessage
CloseClipboard
SetActiveWindow
GetClassNameA
IsWindow
OffsetRect
UpdateWindow
CreatePopupMenu
SetWindowPlacement
SetWindowsHookExA
LoadBitmapA
IntersectRect
GetCursorPos
DispatchMessageA
GetParent
SetPropA
ClientToScreen
ShowWindow
GetPropA
SetWindowPos
PostMessageA
GetLastActivePopup
WaitMessage
DrawTextA
GetWindowLongA
ShowOwnedPopups
RemovePropA
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ