36765ad05f65814aded0342a2c2b6e77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36765ad05f65814aded0342a2c2b6e77_JaffaCakes118
Size

71KB
MD5

36765ad05f65814aded0342a2c2b6e77
SHA1

76fc3522484df45d841922e71110c59a56482439
SHA256

fb59fad09781780cb352c64a19c293d63cb7747f491e621fda9498bee4204307
SHA512

6ee7b998c8db7ef231d4f27efc7b046b515828a19f0fda41fe3c891d53f7642853696c0bcc7f217716f63cd994a059f16489cfaa3f54f500b835098414259f60
SSDEEP

768:Wy35Mf/ljIOwG83CTQF+YE6bYhUJaeZKM4Eqt2et2BT/GhO2wFgHgMTFMV:W66t4pj8UJlH4zkekR/k1HH12V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36765ad05f65814aded0342a2c2b6e77_JaffaCakes118

Files

36765ad05f65814aded0342a2c2b6e77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14c3b06cc736885c9f1130962f0de0b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

RegisterWindowMessageA
KillTimer
CharUpperA
LoadStringW
GetCapture
GetProcessWindowStation
TranslateMessageEx
SystemParametersInfoW
RegisterClipboardFormatA
PostMessageW
GetLastInputInfo
GetWindowThreadProcessId
WaitMessage
TranslateMessage
wsprintfA
PostMessageW
wsprintfA
RegisterWindowMessageA
PostMessageW
GetCapture
GetDCEx
FindWindowA
GetAppCompatFlags2
WaitMessage
GetWindowThreadProcessId
CharUpperBuffW
GetSysColorBrush
SystemParametersInfoW
CharUpperBuffW
GetWindowDC

kernel32

GetStartupInfoA
ReadFile
ReadProcessMemory
CreateProcessW
LoadLibraryA
WaitForSingleObject
ReadFile
VirtualProtect
GetSystemTimeAsFileTime
ReadProcessMemory
ReleaseMutex
VirtualProtect
LoadLibraryExW
WaitForSingleObjectEx
ReadProcessMemory
VirtualProtect
Sleep
ReleaseMutex
DeviceIoControl
ReadProcessMemory
Sleep
DeviceIoControl
CreateProcessA
GetSystemTime
CreateProcessW
CreateProcessA
ReadProcessMemory
GetStartupInfoW
ReleaseMutex
WriteProcessMemory
VirtualProtectEx
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
TlsGetValue
FindAtomA
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
VirtualProtect
ReadFile
WriteProcessMemory
CreateProcessW
CreateProcessA
WaitForSingleObjectEx
WaitForSingleObject
CreateProcessW
LoadLibraryExA
ReleaseMutex
WriteProcessMemory
ReadFile
GetStartupInfoW
GetSystemTimeAsFileTime
ReleaseMutex
WaitForSingleObject
Sleep
SleepEx
LoadLibraryExW
TerminateProcess
ReadFile
GetSystemTimeAsFileTime
LoadLibraryExW
LoadLibraryA
VirtualProtectEx
TerminateProcess
ReadProcessMemory
ReadProcessMemory
Sleep
WaitForSingleObject
GetStartupInfoA
LoadLibraryExA
WriteProcessMemory
CreateProcessW
GetSystemTimeAsFileTime
LoadLibraryExW
LoadLibraryExA
GetStartupInfoA
VirtualProtectEx
SleepEx
SleepEx
GetStartupInfoA
GetSystemTimeAsFileTime
WaitForSingleObject
WaitForSingleObject
CreateFileA
VirtualProtectEx
DeviceIoControl
LoadLibraryExA
WriteProcessMemory
WriteProcessMemory
GetSystemTime
DeviceIoControl
ReadProcessMemory
SleepEx
CreateProcessW
GetStartupInfoA
SleepEx
DeviceIoControl
WaitForSingleObject
LoadLibraryExA
WaitForSingleObject
VirtualProtectEx
CreateProcessA
WriteProcessMemory
ReadProcessMemory
Sleep
WaitForSingleObject
GetSystemTime
CreateProcessW
LoadLibraryExW
ReleaseMutex
CreateFileA
VirtualProtectEx
GetStartupInfoA
GetStartupInfoA
GetStartupInfoW
LoadLibraryExA
LoadLibraryExA
TerminateProcess
WaitForSingleObjectEx
GetStartupInfoA
Sleep
LoadLibraryA
GetStartupInfoW
Sleep
LoadLibraryExW
GetStartupInfoW
TerminateProcess
GetSystemTimeAsFileTime
GetSystemTime
ReleaseMutex
CreateProcessW
TerminateProcess
CreateFileA
GetSystemTimeAsFileTime
CreateProcessA
CreateFileA
WaitForSingleObject
SleepEx
GetStartupInfoA
TerminateProcess
VirtualProtectEx
DeviceIoControl
GetSystemTimeAsFileTime
LoadLibraryA
DeviceIoControl
WriteProcessMemory
ReleaseMutex
WriteProcessMemory
ReadProcessMemory
ReleaseMutex
GetSystemTime
GetStartupInfoA
GetStartupInfoA
WaitForSingleObject
ReadFile
DeviceIoControl
GetStartupInfoA
GetStartupInfoW
GetSystemTime
GetStartupInfoW
GetSystemTime
WaitForSingleObjectEx
WaitForSingleObjectEx
LoadLibraryA
GetSystemTimeAsFileTime
LoadLibraryExA
Sleep
CreateProcessA
CreateFileA

advapi32

MakeSelfRelativeSD
RevertToSelf
GetSecurityDescriptorDacl
RevertToSelf
GetSecurityDescriptorDacl
MakeSelfRelativeSD
RegCloseKey
GetSecurityDescriptorDacl
RegCloseKey
OpenThreadToken
RegQueryValueExW
OpenThreadToken
MakeSelfRelativeSD
GetTokenInformation
AccessCheck
RegQueryValueExW
ImpersonateNamedPipeClient
RevertToSelf
RegCloseKey
RevertToSelf

gdi32

GetTextMetricsW
BitBlt
GetLayout
CreateRectRgn
CreateSolidBrush
SelectObject
GetTextExtentPoint32W
BitBlt
BitBlt
CreateCompatibleDC
SetBkMode
BitBlt
PolyPatBlt
GdiGetCodePage
GdiReleaseDC
GetDeviceCaps
GdiProcessSetup
GdiGetCodePage
SetTextColor
OffsetWindowOrgEx

comdlg32

GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 92KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

qwerty
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14c3b06cc736885c9f1130962f0de0b7

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 29KB - Virtual size: 92KB

.data Size: 3KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

.rsrc Size: 9KB - Virtual size: 12KB

qwerty Size: 512B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 29KB - Virtual size: 92KB

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 9KB - Virtual size: 12KB

qwerty
Size: 512B - Virtual size: 4KB