36f4e4b37c2f791933429c2da49b2970_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36f4e4b37c2f791933429c2da49b2970_JaffaCakes118
Size

828KB
MD5

36f4e4b37c2f791933429c2da49b2970
SHA1

578d7e9fbc9487e5f7f3e10dae270c99cd004556
SHA256

24f476925fb7bc0d207f74a3be297ac4ba81d1c23e05b48208665f9d50fa94e8
SHA512

5cd903348c3193f8bb41241aa2298f02b98cbcda6954ecffe689723f5df44d1df636f4145921afe0c2e630ee93d3c80570d67c19fa1384615de45e555b8c56f3
SSDEEP

24576:n/fJRuSZo5ZpA35XYQO3Ooneupa3iRAAvD0TX2HK+l:/hZo5s3/8L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f4e4b37c2f791933429c2da49b2970_JaffaCakes118

Files

36f4e4b37c2f791933429c2da49b2970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9f606df15f259fc76de97f4fca3f52e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
CreateFileA
GlobalLock
GlobalUnlock
WideCharToMultiByte
LockResource
GetVersion
GetCurrentProcessId
DuplicateHandle
GetCurrentProcess
lstrlenW
GetTickCount
CreateFileMappingA
FreeResource
HeapFree
FindResourceA
HeapAlloc
GetExitCodeProcess
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetLongPathNameA
FindNextFileA
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
MoveFileA
CopyFileA
OpenProcess
lstrcmpiA
LoadResource
lstrlenA
SetPriorityClass
UnmapViewOfFile
MapViewOfFile
SetErrorMode
GetModuleFileNameA
LoadLibraryA
HeapCreate
GetStartupInfoA
TerminateProcess
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CloseHandle
FreeLibrary
IsDBCSLeadByte
FindFirstFileA
FindClose
GetModuleHandleA
GetLastError
GetSystemDirectoryA
GetCommandLineA
ExitProcess
OpenFileMappingA
GetProcAddress
GetPriorityClass
GetTimeZoneInformation
MultiByteToWideChar
SetFileAttributesA
SetUnhandledExceptionFilter

user32

CheckDlgButton
SetFocus
SetWindowLongA
GetWindowLongA
IsDlgButtonChecked
GetScrollPos
SetScrollPos
SetScrollRange
InvalidateRect
GetUpdateRect
CreateDialogParamA
DestroyWindow
DialogBoxParamA
EndDialog
GetClientRect
GetDlgItem
GetClassNameA
GetScrollRange
GetFocus
SetTimer
KillTimer
IsDialogMessageA
TranslateAcceleratorA
MessageBoxA
SetActiveWindow
wvsprintfA
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
SetCursor
LoadCursorA
IsIconic
IsZoomed
SetMenu
GetSystemMenu
EndPaint
DrawIcon
BeginPaint
GetSystemMetrics
GetMessagePos
GetActiveWindow
DefFrameProcA
GetKeyState
RegisterClassA
DefWindowProcA
GetClassInfoA
EnableWindow
GetWindowTextA
GetMenuItemCount
GetMenuItemID
LoadAcceleratorsA
RemoveMenu
CheckMenuItem
EnableMenuItem
DrawIconEx
CreateIconIndirect
GetIconInfo
CreateWindowExA
CallWindowProcA
ScrollWindow
ValidateRect
UpdateWindow
PostQuitMessage
OpenIcon
GetTopWindow
WaitMessage
TranslateMessage
DispatchMessageA
ReleaseCapture
SetCapture
GetCursorPos
GetAsyncKeyState
GetDoubleClickTime
SetForegroundWindow
PostMessageA
LoadStringA
IsChild
GetWindow
ChildWindowFromPoint
ClientToScreen
ScreenToClient
PeekMessageA
FillRect
DrawTextA
IsWindowEnabled
RegisterClipboardFormatA
SetWindowTextA
DestroyIcon
DestroyMenu
GetWindowTextLengthA
GetWindowRect
ShowWindow
SetWindowPos
LoadImageA
GetParent
LoadMenuA
SetScrollInfo
GetSubMenu
AppendMenuA
GetSysColor
GetDC
ReleaseDC
SendMessageA

gdi32

SelectObject
LineTo
MoveToEx
CreateRoundRectRgn
FillRgn
CreateRectRgnIndirect
FrameRgn
Polyline
DeleteObject
CreateFontIndirectA
GetObjectA
GetTextCharset
GetStockObject
SetBkColor
CreatePen
SetDIBitsToDevice
CreateSolidBrush
SetBkMode
SetROP2
GetROP2
GetTextColor
ExcludeClipRect
IntersectClipRect
GetClipBox
DeleteDC
CreateCompatibleBitmap
OffsetViewportOrgEx
RestoreDC
SaveDC
GetBkColor
ExtTextOutA
SetTextAlign
TextOutA
GetTextExtentPoint32A
GetTextMetricsA
GetCurrentObject
GetDeviceCaps
CreateCompatibleDC
CreatePalette
BitBlt
RealizePalette
SelectPalette
CreateDIBitmap
CreatePatternBrush
CreateBitmap
SetTextColor
CreateEllipticRgnIndirect

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateInstance
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ddraw

DirectDrawCreate

fgsrapi

FGSR_CloseAUP
FGSR_SendOrder
FGSR_AddMovieFile
FGSR_AddImageFile
FGSR_GetStatus
FGSR_OpenAUP
FGSR_CancelOrder
FGSR_AddSoundFile

shell32

SHFileOperationA
DragQueryFileA
SHChangeNotify

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9f606df15f259fc76de97f4fca3f52e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

version

ddraw

fgsrapi

shell32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 64KB - Virtual size: 61KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 64KB - Virtual size: 61KB

.vmp0
Size: 500KB - Virtual size: 1.6MB