136daef5db1daf92620bac201248ed05_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

136daef5db1daf92620bac201248ed05_JaffaCakes118
Size

58KB
MD5

136daef5db1daf92620bac201248ed05
SHA1

0cd559d1365d2b62f6158239c5a3a1028eea160a
SHA256

9fe3450ddc8a907df48476e1428d9b602c875d82748d4541b76553326837d879
SHA512

5014b5195908adeaaadd288823f770e5e5555517f339a7e3110732c168c061094cbd06ecf184c1769680c14e0e24d361e7c80f4b7ac3a28535feb89ea923a2c5
SSDEEP

1536:9wmpi5mCTP6FpZ68EHr7dVMOmF2jbxWGq6i:mJmQPL/dV5S2jbxWGqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
136daef5db1daf92620bac201248ed05_JaffaCakes118

Files

136daef5db1daf92620bac201248ed05_JaffaCakes118
.exe windows:5 windows x86 arch:x86

522e8ccf6ba1e69f4bcc38d3e5cebe39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
CreateFileW
CreateMutexA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
FindClose
FindResourceA
FlushInstructionCache
FormatMessageA
FreeLibrary
GetACP
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetSystemTime
GetThreadLocale
GetTickCount
GetVersion
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
CreateFileMappingA
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SetThreadLocale
Sleep
TerminateThread
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
lstrcatW
GetWindowsDirectoryW
VirtualAllocEx
GetStartupInfoW
CreateEventW
CompareStringW
CompareStringA
CompareFileTime
IsDBCSLeadByteEx
CloseHandle

user32

GetClientRect
GetDC
GetDlgItem
GetLastActivePopup
GetSystemMenu
GetSystemMetrics
LoadCursorW
LoadStringW
LookupIconIdFromDirectory
MessageBoxW
PeekMessageW
ReleaseDC
SendDlgItemMessageW
SetCursor
SetDlgItemTextW
SetForegroundWindow
SystemParametersInfoW
LoadIconW
EnableMenuItem
DispatchMessageW
DestroyWindow
CreateDialogParamW
CopyRect
CharNextW

gdi32

GetTextExtentPointW
GetDeviceCaps
GetTextExtentExPointW

advapi32

RegOpenKeyExW

msvcrt

memcpy

Sections

.textR3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textR2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textR
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

522e8ccf6ba1e69f4bcc38d3e5cebe39

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.textR3 Size: 1024B - Virtual size: 1000B

.textR2 Size: 1024B - Virtual size: 1000B

.textR Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 1000B

.text Size: 22KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 1024B - Virtual size: 704B

.textR3
Size: 1024B - Virtual size: 1000B

.textR2
Size: 1024B - Virtual size: 1000B

.textR
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 1000B

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 1024B - Virtual size: 704B