36fe68fb29e02ca27eef5647cb63f6aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36fe68fb29e02ca27eef5647cb63f6aa_JaffaCakes118
Size

142KB
MD5

36fe68fb29e02ca27eef5647cb63f6aa
SHA1

d325ff004587b66c93aaaae546e117172cadc22e
SHA256

12e118cae122268c2e8ab172b528fa06af307cb49076f112d60ccff59d7dd46f
SHA512

16f849d0986f33c8176d1b4cfef614ce5333220d445bdbd30f13eff4310c7d567f06b604ddcbb6cda8194ad764954c14e2845e2dd6beca2b1690092b05ec2d58
SSDEEP

3072:H00yjga941zvuAMuRCUg3vikuOOIFY7+lAvzIe7umxf:Un21z2AMObOlK7AAvseqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36fe68fb29e02ca27eef5647cb63f6aa_JaffaCakes118

Files

36fe68fb29e02ca27eef5647cb63f6aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc5c3b230b279baf5b8d7e92a42cd6b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetFileTime
CopyFileW
DeleteAtom
Sleep
GlobalFree
CreateThread
GetComputerNameA
GetConsoleMode
GetLastError
CreateDirectoryA
GetCurrentProcess
CreateProcessA
ExitThread
DeleteFileW
DeleteFileA
ExitThread
GlobalFree
Sleep
GetUserDefaultLangID
OpenFile
DeleteFileA
GetCurrentProcessId
GetConsoleMode
GetUserDefaultLCID
ExitProcess
DeleteFileW
GetCurrentThread
GetCommandLineA
GetCPInfo
ExitThread
GetCurrentProcess
GetFileSize
CopyFileW
DeleteFileA
GetConsoleOutputCP
GetComputerNameA
ExitProcess
FindAtomA
GetUserDefaultLangID
OpenFile
GlobalFree
GetFileTime
GetLastError
FindFirstFileA
GetFileTime
ExitProcess
GetCommandLineA
CreateThread
GetConsoleOutputCP
OpenFile
GetConsoleMode
FindAtomA
DeleteFileW
GlobalFree
GetComputerNameA
GetCurrentProcess
DeleteFileA
GetFileSize
CreateDirectoryA
GetCurrentThreadId
GetComputerNameA
ExitThread
GetCurrentThreadId
GetStdHandle
CreateDirectoryA
CreateThread
FindAtomA
OpenFile
GetFileTime
GetCurrentProcessId
DeleteFileA
DeleteFileW
CreateProcessA

advapi32

RegEnumKeyExA
RegGetKeySecurity
RegOpenKeyW
RegEnumKeyA
RegOpenKeyA
RegLoadKeyA
RegCreateKeyExA
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExW
RegReplaceKeyA
RegQueryInfoKeyW
RegQueryValueW
RegDeleteValueW
RegCreateKeyW
RegEnumKeyA
RegEnumValueW
RegOpenKeyA
RegFlushKey
RegOpenKeyW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyW
RegReplaceKeyA
RegDeleteValueW
RegQueryValueW
RegEnumKeyA
RegLoadKeyW
RegOpenKeyExA
RegFlushKey
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyExW
RegDeleteValueA
RegEnumValueW

user32

DrawIconEx
CloseWindow
DrawTextW
LoadMenuA
DrawTextA
CreateIcon
IsMenu
GetMenu
CopyImage
GetDC
AppendMenuW
CopyIcon
GetWindowTextLengthA
BlockInput
GetFocus
InsertMenuA
CopyRect
CopyRect
IsMenu
GetWindowTextA
InsertMenuA
CloseWindow
CopyImage
DrawIcon
GetDC
BlockInput
LoadCursorA
DrawTextW
DialogBoxParamA
GetMenu

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 100KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc5c3b230b279baf5b8d7e92a42cd6b7

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 100KB - Virtual size: 375KB

.idata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 100KB - Virtual size: 375KB

.idata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 5KB