36db6a7b7ea6de83db44e8a575a310d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36db6a7b7ea6de83db44e8a575a310d2_JaffaCakes118
Size

160KB
MD5

36db6a7b7ea6de83db44e8a575a310d2
SHA1

c919f8731d3c97026148faaff63cdbe0700dde3e
SHA256

bcb85760e331d63b11949b90c60d3222b9f2d99c97d7399e951588603b59d05f
SHA512

fee38d53b5a706a30454fa4a7cbb63939e73502ce2906298486b3a221de48fe592dac106cf53316b62a476c3ce8329565dbf38278e76825a6aa9742d0ed6a507
SSDEEP

3072:fKUxgoi8mBhVUGtx1zGELHRTG8exmlPY04almYU31AAb:rgP5Uc7iORS808Y0B1A1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36db6a7b7ea6de83db44e8a575a310d2_JaffaCakes118

Files

36db6a7b7ea6de83db44e8a575a310d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0892a033318d339b3ff538e891c40e42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetCurrentThreadId
TlsAlloc
TlsFree
lstrlenA
lstrcatA
GetModuleFileNameA
GetModuleHandleA
lstrcpyA
GetCurrentProcess
GlobalAlloc
GlobalFree
FindClose
InterlockedExchange
CompareStringA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError
FlushFileBuffers
TlsGetValue
IsBadCodePtr
QueryPerformanceCounter
IsBadReadPtr
SetFilePointer
GetStringTypeA
LCMapStringA
GetOEMCP
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
HeapSize
UnhandledExceptionFilter
TerminateProcess
CreateThread
SetStdHandle
GetCurrentProcessId
ReleaseMutex
InterlockedDecrement
InterlockedIncrement
Sleep
LocalFree
DeleteCriticalSection
LocalAlloc
EnterCriticalSection
MulDiv
LeaveCriticalSection
GetLocaleInfoA
InitializeCriticalSection
FreeLibrary
CloseHandle
GetThreadLocale
GetLastError
GetACP
WaitForSingleObject
GetTickCount
ExitProcess
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
RaiseException
RtlUnwind
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitThread
HeapAlloc
HeapFree

user32

PostQuitMessage
GetWindow
CopyRect
GetDlgCtrlID
SetWindowPos
GetDesktopWindow
EndDialog
GetDlgItem
ReleaseDC
OffsetRect
GetDC
SetFocus
GetParent
SetForegroundWindow
CharNextA
CallNextHookEx
UnhookWindowsHookEx
GetSystemMetrics
SetTimer
ExitWindowsEx
KillTimer
DestroyWindow
TranslateMessage
MsgWaitForMultipleObjects
GetWindowRect

gdi32

GetStockObject
GetDeviceCaps

advapi32

RegDeleteKeyA
AdjustTokenPrivileges
FreeSid
AllocateAndInitializeSid
LookupPrivilegeValueW
EqualSid
GetTokenInformation
OpenProcessToken
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

GetRunningObjectTable
CoUninitialize
CoInitialize
CoGetClassObject
CreateClassMoniker
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitializeSecurity
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
StringFromCLSID

oleaut32

UnRegisterTypeLi
RegisterTypeLi
VariantCopy
SysFreeString
VariantClear
CreateStdDispatch
VariantInit
CreateDispTypeInfo
SysAllocString
LoadTypeLi

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0892a033318d339b3ff538e891c40e42

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 56KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 56KB

.rsrc
Size: 28KB - Virtual size: 26KB