36decd4947e09e3d2febe54ec57eafc4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36decd4947e09e3d2febe54ec57eafc4_JaffaCakes118
Size

192KB
MD5

36decd4947e09e3d2febe54ec57eafc4
SHA1

76522d04c3b0b40eaa0d26bd04ce1a339b532c53
SHA256

b0c12adab999245ba279f53bbcd56f48760574859ae789d78de98b6239748207
SHA512

362e7080b044b52259b6690292d44fdb735eadf61aabee51845f929d53c545b1d5853a56d0d0802c99dfa168787a5a4e2f9c79d0c8bf5888f3d7be1ebeab9e6e
SSDEEP

3072:wZvtHCM27CrPmxgboVirgo1XoYjH2BV8o:wZvtOWjJrguJH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36decd4947e09e3d2febe54ec57eafc4_JaffaCakes118

Files

36decd4947e09e3d2febe54ec57eafc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ced0e3d1064a4732ca0378f1c2242380

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FileTimeToSystemTime
GetFileTime
GetDateFormatA
GetTimeFormatA
GlobalFree
CreateThread
GlobalAlloc
WaitForSingleObject
GetFileSize
LocalAlloc
LocalFree
GetTickCount
WaitForMultipleObjects
SetEvent
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetLocalTime
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
WriteFile
CreateFileA
ReadFile
CloseHandle
Sleep
ResetEvent
ExitProcess
SetUnhandledExceptionFilter
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
LockResource
CreateDirectoryA
CreateEventA
RtlUnwind
LCMapStringW

user32

wsprintfA
MessageBoxA
LoadCursorA
DialogBoxParamA
SendMessageA
SetDlgItemTextA
EnableMenuItem
CallWindowProcA
EndDialog
SetWindowTextA
GetDlgItemTextA
SetFocus
LoadIconA
GetDlgItem
PostMessageA
TrackPopupMenu
GetCursorPos
MoveWindow
LockWindowUpdate
SetCursor
PtInRect
GetWindowRect
LoadMenuA
GetSubMenu
GetMenu
SetTimer
SetWindowPos
ScreenToClient
GetAsyncKeyState
ClipCursor
ShowWindow

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
OpenSCManagerA
CreateServiceA
StartServiceA
CloseServiceHandle
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

mpr

WNetAddConnection2A
WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ord6
ord17

ws2_32

accept
WSAEventSelect
bind
listen
WSAEnumNetworkEvents
recv
inet_ntoa
htons
connect
closesocket
WSAStartup
gethostname
gethostbyname
socket

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced0e3d1064a4732ca0378f1c2242380

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

mpr

wininet

comctl32

ws2_32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 7.4MB

.rsrc Size: 120KB - Virtual size: 118KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 7.4MB

.rsrc
Size: 120KB - Virtual size: 118KB