36f586954d1a8334cd0f918729553193_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36f586954d1a8334cd0f918729553193_JaffaCakes118
Size

146KB
MD5

36f586954d1a8334cd0f918729553193
SHA1

261a1c1c617bf74e9e8fb1431333adb08cdf2851
SHA256

f6be1a08c7671266a19d608848985b72ab1f4019ee51725858405fa81b97c8d6
SHA512

290180b4ffcbbc20b603cac1e2fe98d462d44c88fed4ea83662f727bd0fd57d37d7f4856962e4e5dc6fbf365c84203159d36bc4d38f10f7db05e9d2a79862587
SSDEEP

3072:aYhURGhb4bAfmDtrqKQ/owprLL5liF7eDeSY8:lhUGh6zWow1L167epY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36f586954d1a8334cd0f918729553193_JaffaCakes118

Files

36f586954d1a8334cd0f918729553193_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bf5759a92dbf4b0a1fbce08e1c28fb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetCurrentThreadId
CreateDirectoryA
GetConsoleMode
OpenFile
ExitProcess
GetCurrentThread
Sleep
GetCPInfo
GetComputerNameA
GetOEMCP
GlobalFree
GetStdHandle
DeleteFileW
ExitThread
GetUserDefaultLangID
GetStdHandle
GetConsoleOutputCP
OpenFile
DeleteAtom
CreateProcessA
Sleep
ExitProcess
FindAtomA
DeleteFileA
GetCurrentProcessId
GetCurrentProcess
DeleteFileA
GetOEMCP
GetUserDefaultLangID
ExitProcess
GetCurrentProcessId
GetFileTime
GetFileSize
GetConsoleOutputCP
GlobalFree
CreateThread
GetConsoleMode
GetStdHandle
GetUserDefaultLCID
GetCurrentThreadId
GetCPInfo
CopyFileW
ExitThread
DeleteFileW
GetFileSize
FindFirstFileA
GetUserDefaultLangID
FindAtomA
GetCurrentProcess
GlobalFree
CopyFileW
GetCommandLineA
ExitProcess
GetConsoleOutputCP
GetCurrentThreadId
GetLastError
GetCurrentProcessId
ExitThread
CreateThread
GetCPInfo
GetCurrentThread
Sleep
GetCurrentThread
GlobalFree
DeleteFileW
ExitProcess
GetOEMCP
GetCurrentThreadId
CreateDirectoryA
FindAtomA
GetStdHandle
GetConsoleMode
ExitThread
GetConsoleOutputCP
GetUserDefaultLangID
DeleteFileA

advapi32

RegQueryValueExA
RegFlushKey
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegLoadKeyW
RegEnumValueA
RegGetKeySecurity
RegDeleteValueA
RegQueryValueA
RegCreateKeyExA
RegDeleteValueW
RegGetKeySecurity
RegCreateKeyExA
RegQueryValueW
RegEnumKeyA
RegOpenKeyExW
RegEnumKeyW
RegReplaceKeyW
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyExW
RegLoadKeyW
RegFlushKey
RegDeleteKeyA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyW
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
RegCreateKeyW
RegEnumKeyW
RegLoadKeyA
RegReplaceKeyA
RegQueryInfoKeyW
RegOpenKeyA
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyA
RegOpenKeyExA
RegLoadKeyW
RegCreateKeyExA
RegEnumValueW
RegQueryValueExA
RegQueryValueA
RegQueryValueExW
RegEnumKeyW
RegLoadKeyA
RegCreateKeyW
RegOpenKeyExA
RegReplaceKeyW
RegCreateKeyExW
RegOpenKeyA
RegFlushKey
RegQueryInfoKeyA
RegReplaceKeyA
RegEnumValueA
RegOpenKeyW
RegDeleteValueA
RegEnumKeyW
RegDeleteValueW
RegOpenKeyW
RegEnumValueW
RegQueryValueExW
RegEnumKeyA
RegEnumKeyExW
RegFlushKey
RegQueryValueA
RegQueryInfoKeyA
RegDeleteKeyW
RegEnumKeyExA
RegGetKeySecurity
RegQueryValueExA

user32

AppendMenuA
IsWindow
DrawTextW
IsMenu
GetDC
CalcMenuBar
GetCursor
AlignRects
GetMenu
InsertMenuA
AppendMenuW
CopyImage
CopyRect
DialogBoxParamW
LoadMenuA
DrawTextA
DialogBoxParamA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 105KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bf5759a92dbf4b0a1fbce08e1c28fb9

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 105KB - Virtual size: 417KB

.idata Size: 6KB - Virtual size: 6KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 105KB - Virtual size: 417KB

.idata
Size: 6KB - Virtual size: 6KB