436b6aec6c808bab05efeb9cb23fe565_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

436b6aec6c808bab05efeb9cb23fe565_JaffaCakes118
Size

724KB
MD5

436b6aec6c808bab05efeb9cb23fe565
SHA1

7ceb06c90998b0d3a3de45da31569072a21e1f89
SHA256

e7427a08c6283f6da19aff4cab712901b80795e5102a2126ebcbbac3764c6cd5
SHA512

1c40773eda5280d6e3cff13b8435e368bcad1da730018120087055927df8b3dfd6d7fc66665c94238f75fe8144e83a8ec9a861d139467c98d337298cf711ba21
SSDEEP

12288:SEmHi8rYQgSQMbeDpIHbqL/Sx5Bh5xUsGACEdU3Kj9zhND9KM4bL1C1sk6OTdpDV:WC80QgSHyDpI+O5xUsGF26KRDYM4bzbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
436b6aec6c808bab05efeb9cb23fe565_JaffaCakes118

Files

436b6aec6c808bab05efeb9cb23fe565_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39146f7918ac596d6408026e087f121f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\ehoa

Imports

advapi32

CryptSetProviderExW
CryptVerifySignatureA
CryptEnumProviderTypesW
RegDeleteKeyA

user32

MessageBoxA
CharPrevW
DdeAccessData
SetWindowWord
SetUserObjectInformationW
SetForegroundWindow
ShowWindow
GetClassInfoExW
CharPrevExA
DefWindowProcW
GetWindowLongA
DdeInitializeA
DdeUninitialize
DlgDirSelectComboBoxExA
SetWinEventHook
FindWindowW
EnumDisplayDevicesW
WindowFromDC
DestroyWindow
ShowCaret
SetPropW
CopyAcceleratorTableW
SystemParametersInfoA
RegisterClassExA
RegisterClassA
CreateWindowExW
VkKeyScanW
SetMenu
GetGuiResources

comctl32

InitCommonControlsEx
ImageList_GetImageInfo

kernel32

CreateSemaphoreA
GetModuleHandleA
GetCurrencyFormatW
HeapReAlloc
TerminateProcess
GetLocalTime
IsBadReadPtr
IsValidCodePage
GlobalFindAtomW
GetStringTypeW
LocalFlags
ConvertDefaultLocale
FindResourceA
SetHandleCount
GetTimeZoneInformation
GetSystemDefaultLangID
OpenWaitableTimerA
WaitCommEvent
TerminateThread
VirtualFree
SetFilePointer
SetEnvironmentVariableA
FreeEnvironmentStringsA
SetEvent
lstrcatA
WritePrivateProfileStructA
ReadConsoleOutputW
GetTickCount
GetConsoleScreenBufferInfo
GetEnvironmentStrings
GetFileAttributesExW
RtlZeroMemory
SetThreadContext
SetConsoleScreenBufferSize
GetFileType
GetSystemInfo
GetFullPathNameA
GetVersionExA
SetConsoleCursorPosition
FormatMessageW
WideCharToMultiByte
GetLastError
InitializeCriticalSection
MoveFileExW
CloseHandle
GetOEMCP
CreateDirectoryA
GetProfileIntA
GetCurrentProcess
FreeLibrary
GetEnvironmentStringsW
GetLogicalDriveStringsA
FlushFileBuffers
GetACP
GetProcessHeaps
TlsAlloc
EnumResourceLanguagesA
GetNamedPipeInfo
GlobalUnfix
ReadFile
GetModuleFileNameW
SetThreadPriority
GetLocaleInfoA
GetLocaleInfoW
GetAtomNameW
VirtualAlloc
SetLastError
MultiByteToWideChar
lstrcpyn
GlobalAlloc
TlsGetValue
LeaveCriticalSection
GetVersionExW
GetCurrentThread
GetModuleFileNameA
HeapSize
OpenMutexA
GetCurrentProcessId
LoadModule
GetStartupInfoA
WriteFile
EnterCriticalSection
WriteProfileStringW
TlsSetValue
FindNextFileW
HeapDestroy
GlobalGetAtomNameW
QueryPerformanceCounter
GetDateFormatA
GetCurrentThreadId
CompareStringA
DeleteAtom
SetComputerNameA
EnumDateFormatsW
HeapAlloc
FreeEnvironmentStringsW
DeleteCriticalSection
HeapCreate
LCMapStringA
GetWindowsDirectoryA
VirtualProtect
ExitProcess
GetCommandLineA
TlsFree
PulseEvent
IsValidLocale
InterlockedDecrement
HeapFree
InterlockedExchange
GetProcessShutdownParameters
GetProcAddress
GetConsoleTitleW
GetCommandLineW
Sleep
GetConsoleOutputCP
EnumSystemLocalesA
LCMapStringW
GetUserDefaultLCID
GetSystemTimeAsFileTime
GlobalFree
IsBadWritePtr
GetStartupInfoW
SetEndOfFile
GetConsoleCP
CreateMutexA
SetConsoleCtrlHandler
CreateRemoteThread
GlobalGetAtomNameA
GetStringTypeA
LocalFree
CompareStringW
GetCPInfo
SetLocaleInfoW
SetStdHandle
LoadLibraryA
LockFileEx
UnhandledExceptionFilter
VirtualQuery
RtlUnwind
GlobalReAlloc
GetStdHandle
GetTimeFormatA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39146f7918ac596d6408026e087f121f

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

comctl32

kernel32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 448KB - Virtual size: 445KB

.data Size: 136KB - Virtual size: 140KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 448KB - Virtual size: 445KB

.data
Size: 136KB - Virtual size: 140KB

.rsrc
Size: 48KB - Virtual size: 46KB