36a783ac86adb2ceabc4d11f43103e18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36a783ac86adb2ceabc4d11f43103e18_JaffaCakes118
Size

496KB
MD5

36a783ac86adb2ceabc4d11f43103e18
SHA1

6dcb4cb07aba5a47607a66042522e539813f440a
SHA256

73a8e3ac6680dfda903f42d9b2e46d46685cb51a1581dd1375d0be264502b00f
SHA512

2d3a857f784a6afd5ce0f6421a9eee00ab0b68f4189e9729e07ff44bfe0466660406e68bfabc409e51e9bbb00d659b611aad4fe11da3303457563ec5ea4e4a0d
SSDEEP

12288:Wb0C0bZGnlNxss9jzbTIbls4ONcQJgRMq2jNiul:WbqZolg0jzfIbls4OFiMpjkul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a783ac86adb2ceabc4d11f43103e18_JaffaCakes118

Files

36a783ac86adb2ceabc4d11f43103e18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdbf2cc2e3dfb5f26d69f205b1cd4591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
TranslateMessage
GetWindowLongA
CheckMenuItem
GetClientRect
GetKeyState
GetSysColor
GetFocus
GetParent
SendMessageA
GetDesktopWindow
UpdateWindow
BeginPaint
FillRect
ReleaseDC
CreateWindowExA
SetWindowTextA
ShowWindow
EnableWindow
SetWindowPos
EndPaint
SystemParametersInfoA

kernel32

GlobalFree
SetLastError
MultiByteToWideChar
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
RtlUnwind
HeapCreate
HeapDestroy
DeleteFileA
GetStringTypeW
SetEvent
GetStartupInfoA
GetSystemTimeAsFileTime
GetSystemInfo
QueryPerformanceCounter
RaiseException
VirtualFree
SetStdHandle
IsValidCodePage
GetCPInfo
TlsSetValue
GetVersionExA
GetStringTypeA
LeaveCriticalSection
Sleep
GetExitCodeProcess
FreeLibrary
WriteFile
WriteConsoleA
LoadResource
FlushFileBuffers
TlsGetValue
lstrlenA
FindClose
ReadFile
SetEndOfFile
InterlockedExchange
GetFileAttributesA
SetUnhandledExceptionFilter
GetProcAddress
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapReAlloc
MapViewOfFile
GetFullPathNameA
GetCurrentProcessId
CreateEventA
GetConsoleMode
CloseHandle
FreeEnvironmentStringsA
UnmapViewOfFile
HeapFree
LockResource
SizeofResource
LoadLibraryA
CreateFileA
FormatMessageA
ReleaseMutex
CreateMutexA
FindFirstFileA
SetErrorMode
CreateFileW
GetModuleFileNameW
SetFilePointer
GetModuleFileNameA
CreateThread
GetStdHandle
GetTimeZoneInformation
TlsAlloc
LCMapStringW
LCMapStringA
GetFileSize
GetACP
WideCharToMultiByte
GetLocaleInfoA
GetLastError
GetOEMCP
GetCurrentThreadId
GetThreadLocale
HeapAlloc
GetProcessHeap
VirtualAlloc
ExitProcess
GetModuleHandleA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetEnvironmentStrings
SetHandleCount
GetFileType
GetEnvironmentVariableA

oleaut32

SysFreeString
SysAllocStringLen
VariantInit

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 364KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdbf2cc2e3dfb5f26d69f205b1cd4591

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 364KB - Virtual size: 362KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 364KB - Virtual size: 362KB

.rsrc
Size: 8KB - Virtual size: 5KB