36947672c8711b7994f54afd4481fc0a_JaffaCakes118

General

Target

36947672c8711b7994f54afd4481fc0a_JaffaCakes118
Size

399KB
MD5

36947672c8711b7994f54afd4481fc0a
SHA1

c259c34d34fe6d842834a2a73f864ff5d9343e70
SHA256

aab212b59411a96b300cf7fef18020747b6ae5882f90509aca4ae7cea6782a35
SHA512

3639b640908d26ebe17040d012fbf944c49bdba2b785f2d1d284b10e8b21221546d12c70418b99154c0fe0f368a552564e4a7630d1957bafb50c75f5cfb8bfc1
SSDEEP

6144:K3rY8zVFaEz38QB7q5/tU7et6lUHxM2aSbu3hHownfqSGey:OrLTaDWqb8egOxMU6CQfqSGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36947672c8711b7994f54afd4481fc0a_JaffaCakes118

Files

36947672c8711b7994f54afd4481fc0a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f813a1e713f50c24541c830551189468

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetProcAddress
OutputDebugStringA
OutputDebugStringW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
Sleep
DeleteFileW
GetModuleHandleW
GetLastError
FreeConsole
RemoveDirectoryW
SetFileAttributesW
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
GetThreadLocale
InterlockedExchange
SetLastConsoleEventActive
GetVersionExW
InitializeCriticalSection
CancelWaitableTimer
GetCPInfoExA
MultiByteToWideChar
lstrlenA
CopyFileW
GetLocaleInfoA

user32

GetKeyState
BringWindowToTop
SendMessageW
GetMenuItemID
GetSubMenu
ModifyMenuW
SetRect
SystemParametersInfoW
DrawStateW
GetSysColor
LoadBitmapW
GetMenuItemCount
CopyRect
SetCursor
CheckMenuItem
GetDC
GetCapture
InflateRect
SetClassLongW
ReleaseDC
LoadCursorW
GetClientRect
GetWindowPlacement
InvalidateRect
GetSystemMetrics
UpdateWindow
EnableWindow
SetWindowRgn
ScreenToClient
DrawTextW
ShowWindow
IsWindow
ShowScrollBar
IsRectEmpty
FillRect
LoadImageW
ShowCursor
SetRectEmpty
DestroyIcon
GetTopWindow
GetParent
GetWindow
SetTimer
GetWindowRect
SetCapture
PostMessageW
KillTimer
GetFocus
TranslateMessage
LoadIconW
OffsetRect
LoadMenuW
EnableMenuItem
GetCursorPos
ReleaseCapture
IsWindowVisible
PtInRect

odbc32

SQLGetTypeInfoA

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f813a1e713f50c24541c830551189468

Headers

File Characteristics

Imports

kernel32

user32

odbc32

Sections

.text Size: 256KB - Virtual size: 256KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 133KB - Virtual size: 445KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 256KB - Virtual size: 256KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 133KB - Virtual size: 445KB

.rsrc
Size: 6KB - Virtual size: 8KB