36eda0ee9726b6d3f94be13ca8e257a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36eda0ee9726b6d3f94be13ca8e257a1_JaffaCakes118
Size

103KB
MD5

36eda0ee9726b6d3f94be13ca8e257a1
SHA1

549d57b5726621ee2106dacb4794ac39b2a9a02b
SHA256

cf48a91bb11681b94dc825d06099fa691aa5d6e8b745470847aab65f526aa081
SHA512

26e50645c95235acb4426a25838d3382ad5b1d466257205b39d773cbd869c0f4c8f7603ed08505948c87658a7b258ca98ad87c6c1bd3acbe75d3cd8a2629ff37
SSDEEP

1536:W/r59EcdXv6/tshEsbwjOdKVEegMyM6SYWArwUT9XhfcfRUNv79sESmv7V:W/thZv6/WGs0jOwVE8dnABTXfcEzSEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36eda0ee9726b6d3f94be13ca8e257a1_JaffaCakes118

Files

36eda0ee9726b6d3f94be13ca8e257a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5beae03ee8403e4a260be14b4157ab0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
VirtualAlloc
SetThreadLocale
GetCurrentProcessId
FreeLibrary
HeapDestroy
LoadLibraryA
GetProcAddress
DeleteFileA
GetCurrentThread
GetFileAttributesA
RaiseException
GetStringTypeW
LocalReAlloc
LocalFree
lstrcmpiA
GetStdHandle
CreateFileA
GetOEMCP
GetVersionExA
EnumCalendarInfoA
GetModuleFileNameA
GetStringTypeA
GetSystemDefaultLangID
SetFilePointer
GetStartupInfoA
EnterCriticalSection
CloseHandle
FindClose
FindResourceA
GetLastError
SetEndOfFile
Sleep
VirtualFree
GetCommandLineA
CreateEventA
GetCPInfo
VirtualQuery
FindFirstFileA
ReadFile
GlobalFindAtomA
ExitProcess
CreateThread
GetFileType
FormatMessageA
GetCurrentThreadId
InitializeCriticalSection
GetFullPathNameA
SetErrorMode
lstrcatA
MulDiv
GetDateFormatA
GetThreadLocale
lstrcpynA
WideCharToMultiByte
DeleteCriticalSection
GetModuleHandleA
GetEnvironmentStrings
GetTickCount
SizeofResource
GlobalDeleteAtom
HeapAlloc
HeapFree
lstrcmpA
SetLastError
GlobalAlloc
LoadLibraryExA
ExitThread
LockResource
LocalAlloc
MoveFileA
GetLocaleInfoA
GetCurrentProcess
lstrlenA
GetACP
GetLocalTime
GetFileSize
FreeResource
WriteFile

msvcrt

memcpy
malloc
strcmp
tan
calloc

user32

CreateIcon
ShowWindow
GetActiveWindow
IsChild
SetCursor
IsWindowEnabled
GetParent
SetWindowPos
IsMenu
GetIconInfo
IsWindowVisible
SetWindowTextA
GetMenuState
GetWindow
CreateWindowExA
GetMessagePos
EqualRect
RegisterClassA
CreateMenu
ShowScrollBar
CheckMenuItem
GetDlgItem
GetClientRect
EnableMenuItem
CallNextHookEx
DefMDIChildProcA
DefFrameProcA
GetDCEx
GetCursor
FrameRect
GetClassInfoA
GetCapture
DrawIcon
CharLowerA
GetScrollRange
GetCursorPos
GetSysColorBrush
DispatchMessageA
CallWindowProcA
TrackPopupMenu
DrawTextA
GetScrollPos
FillRect
GetClassLongA
CharNextA
DispatchMessageW
MessageBoxA
GetScrollInfo
GetMenuStringA
EndPaint
GetMenu
HideCaret
EnumChildWindows
IsDialogMessageA
GetPropA
GetSysColor
GetDC
CreatePopupMenu
DefWindowProcA

Sections

CODE
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5beae03ee8403e4a260be14b4157ab0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

CODE Size: 52KB - Virtual size: 51KB

.idata Size: 4KB - Virtual size: 3KB

.edata Size: 42KB - Virtual size: 41KB

.data Size: 2KB - Virtual size: 1KB

DATA Size: 2KB - Virtual size: 1KB

CODE
Size: 52KB - Virtual size: 51KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 42KB - Virtual size: 41KB

.data
Size: 2KB - Virtual size: 1KB

DATA
Size: 2KB - Virtual size: 1KB