36e9f8563d8e35d06c057bd6a19f90a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36e9f8563d8e35d06c057bd6a19f90a1_JaffaCakes118
Size

99KB
MD5

36e9f8563d8e35d06c057bd6a19f90a1
SHA1

7ea3812bfa12413b47609544d3a5d68a847c4318
SHA256

3201cf119da079ebdf6f2c96a1a32b9755a3c7219b17fc2aa20faf242808bab6
SHA512

14b46cef5a83fb97163ad3e2f2adb061a467f508b822e8d8218dcd1ce8ced9d1e0472c23c31a63f34403257aeb11272dbae049a1fdc2aed6436f8fb2a208e68d
SSDEEP

1536:XLjfveJBD/J2ojAnccSVstjaXozoJuVo0BlK+JJUQVuL6GE+JDbViuWj:XvvKBco8cZG+4zbVxSMJUQVlGE+ppK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36e9f8563d8e35d06c057bd6a19f90a1_JaffaCakes118

Files

36e9f8563d8e35d06c057bd6a19f90a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1e7ab6b3cd2ac2a0c75a4533051b4163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
PatBlt
GetObjectW
GetPaletteEntries
GetTextExtentPoint32W
GetStockObject

user32

GetDlgItem
EnableWindow
SetDlgItemTextW
IsWindow
GetClientRect
MoveWindow
SetWindowLongW
ShowWindow
GetAsyncKeyState
DispatchMessageW
SetCursor
TranslateMessage
GetDlgItemInt
GetDesktopWindow
LoadCursorW
DestroyWindow
GetDC
GetWindowLongW
DefWindowProcW
PeekMessageW
SetDlgItemInt
IsRectEmpty
ClientToScreen
LoadStringW
wsprintfW
IsWindowVisible
InvalidateRect
ReleaseDC
GetWindowRect
SendMessageW
CreateDialogParamW
CheckRadioButton
CheckDlgButton

kernel32

GetCurrentThread
GlobalUnlock
WaitForSingleObject
lstrcmpW
QueryPerformanceCounter
GetProfileIntA
SetEndOfFile
LoadLibraryW
GetEnvironmentStringsW
lstrlenA
GlobalMemoryStatus
InterlockedDecrement
CreateEventW
IsBadHugeReadPtr
GetFileAttributesW
GetModuleFileNameA
InitializeCriticalSection
CreateFileW
GetThreadPriority
SetFilePointer
ReadFile
FreeLibrary
CreateIoCompletionPort
MulDiv
MultiByteToWideChar
GetSystemTimeAsFileTime
LeaveCriticalSection
ResetEvent
lstrcpyW
IsBadCodePtr
HeapAlloc
GetCurrentProcessId
DeleteCriticalSection
InterlockedIncrement
InterlockedExchange
GlobalAlloc
GetFileSize
GetQueuedCompletionStatus
GetStartupInfoA
GetSystemDefaultLangID
EnterCriticalSection
GetLastError
lstrlenW
IsBadWritePtr
CreateThread
lstrcpyA
WaitForMultipleObjects
lstrcmpiW
GetTickCount
WriteFile
HeapFree
PostQueuedCompletionStatus
WideCharToMultiByte
GetFullPathNameW
CloseHandle
ReleaseSemaphore
GetProcessHeap
GlobalLock
SetThreadPriority
lstrcpynW
DeleteFileW
SetUnhandledExceptionFilter
GetDiskFreeSpaceW
GetPrivateProfileStringW
GetVersionExW
SetEvent
CreateSemaphoreW
GlobalFree
GetCurrentProcess
IsBadReadPtr
VirtualFree
GetSystemInfo
GlobalHandle

winmm

SendDriverMessage
waveInAddBuffer
waveInReset
mixerSetControlDetails
waveInClose
OpenDriver
CloseDriver
mixerClose
waveInGetDevCapsW
waveInStop
mixerOpen
mixerGetControlDetailsW
waveInOpen
mixerGetID
waveInUnprepareHeader
waveInPrepareHeader
waveInStart
mixerGetLineControlsW
mixerGetLineInfoW

msvfw32

ICCompress
ICDecompress
ICGetInfo
ICLocate
ICClose
ICSendMessage
ICOpen

msvcrt

??2@YAPAXI@Z
_ftol
_purecall
_except_handler3
??3@YAXPAX@Z
wcslen

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ole32

StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

advapi32

RegCloseKey
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegQueryValueExW
RegSetValueW
RegOpenKeyW
RegOpenKeyExW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e7ab6b3cd2ac2a0c75a4533051b4163

Headers

File Characteristics

Imports

gdi32

user32

kernel32

winmm

msvfw32

msvcrt

version

ole32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 84KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 84KB

.rsrc
Size: 23KB - Virtual size: 23KB