36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118
Size

256KB
MD5

36f3e84dd18ff88938bb62bf293d7c84
SHA1

ed989fb96fce22ca26d40f7b08f533305c100fb4
SHA256

2d884952719d3c2f4dd0ed6a8a2da85ca6cf8d05afb52edb09d34c4880223367
SHA512

a93e87c98925aac187e5641e1f14dc97431f3db9c6462fd8218648435fc8fd5cf0f5c31e2e4947a0990dc6f13d1213d51ae1d23af82e38bfb20158504c11fc43
SSDEEP

6144:sV4xNwRjJ+X1NkxIVcp1bT+xkhlxuhuMOoi5ldM:+UwRd0z/Op1T+xk4hut95fM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118

Files

36f3e84dd18ff88938bb62bf293d7c84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

ord75
ord135
ord17
ord140

kernel32

InitializeCriticalSection
CreateEventW
SetEvent
Sleep
GetVersion
GetVersionExW
GetCurrentProcessId
WaitForMultipleObjects
DuplicateHandle
CreateMutexW
CreateSemaphoreW
LocalFree
LocalAlloc
GetModuleHandleA
lstrcmpA
GetCurrentThread
GetTickCount
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
GetProcessHeap
ExitProcess
GetStringTypeW
GetStringTypeA
WaitForSingleObject
GetCurrentThreadId
FileTimeToSystemTime
lstrcpynA
lstrlenA
GetLastError
MultiByteToWideChar
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
FreeLibrary
GetCurrentProcess
HeapCreate
GetCPInfo
OpenMutexW
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetVersionExA
RaiseException
SetUnhandledExceptionFilter
GetModuleFileNameA
TlsAlloc
GetACP
GetProcAddress

user32

MessageBoxW
PeekMessageW
SendDlgItemMessageA
DialogBoxIndirectParamW
DestroyCursor
InsertMenuA
GetMenuItemID
GetDesktopWindow
GetMenu
SetTimer
GetTopWindow
OpenClipboard
EndMenu
CharPrevA
LoadMenuW
GetKeyState
SetFocus
SetDlgItemTextA
wvsprintfW
LoadMenuIndirectW
GetClassInfoExW
EnableWindow
DialogBoxParamW
CharNextA
GetScrollPos

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA

shell32

SHGetDesktopFolder
ord680
ShellExecuteExW

ole32

CoCreateInstance

security

SealMessage
CompleteAuthToken

gdi32

StretchDIBits
CreateFontIndirectExW
GdiGetBatchLimit
RemoveFontResourceW
CreateMetaFileA
GetMetaFileW
RemoveFontResourceExW
RemoveFontResourceExA
CreatePalette
AddFontResourceA
TranslateCharsetInfo
CreateColorSpaceA

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ceqr
Size: 512B - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GR
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZFO
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tLd
Size: 2KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J
Size: 111KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

Imports

mapi32

kernel32

user32

advapi32

shell32

ole32

security

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.Ceqr Size: 512B - Virtual size: 469KB

.rdata Size: 3KB - Virtual size: 50KB

.GR Size: 1KB - Virtual size: 8KB

.ZFO Size: 108KB - Virtual size: 111KB

.tLd Size: 2KB - Virtual size: 363KB

.data Size: 5KB - Virtual size: 311KB

.J Size: 111KB - Virtual size: 195KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.Ceqr
Size: 512B - Virtual size: 469KB

.rdata
Size: 3KB - Virtual size: 50KB

.GR
Size: 1KB - Virtual size: 8KB

.ZFO
Size: 108KB - Virtual size: 111KB

.tLd
Size: 2KB - Virtual size: 363KB

.data
Size: 5KB - Virtual size: 311KB

.J
Size: 111KB - Virtual size: 195KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB