36adbcfbafc4cb37751718db2b2ab943_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36adbcfbafc4cb37751718db2b2ab943_JaffaCakes118
Size

298KB
MD5

36adbcfbafc4cb37751718db2b2ab943
SHA1

19a4adc11c4f6c5b1ff3fccde514f3e1a0e282d7
SHA256

0a9db5dc605028742585a2a4571046557eb48bfacd6a59593a7a8c81b7894f97
SHA512

1fdddcf1dc395359c1ebff7f269b576106a4ef73ceb0cebc7050dfbb9c618c0e400105a6147c04981861056de5c2c8856e4579db163ef3385da2af8e0b2c8968
SSDEEP

6144:n9Omto4xbeNpxhWiYOaY2K9q+qZDt2tRNQz:4mto4xCxQicYx9qts/Kz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36adbcfbafc4cb37751718db2b2ab943_JaffaCakes118

Files

36adbcfbafc4cb37751718db2b2ab943_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3be60c3cda33cde5a2ef0d706fba8fc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharacterPlacementA
SetMagicColors
CombineTransform
AddFontResourceA
SetDIBits
SetBoundsRect
FloodFill
EndPath
Ellipse
DeleteColorSpace
PtVisible
SetICMProfileA
AddFontResourceW
WidenPath
SetLayout
PathToRegion
OffsetWindowOrgEx
FlattenPath
GetEnhMetaFilePaletteEntries
GetGlyphOutlineA
FillRgn
SetPixelFormat
Chord

shell32

SHGetPathFromIDListW
SHGetDataFromIDListA
InternalExtractIconListA
ShellAboutA
DragAcceptFiles
CheckEscapesW
FindExecutableW
RealShellExecuteA
SHGetNewLinkInfo
DragQueryFileA

advapi32

RegDeleteValueW
CryptEnumProvidersW
RegDeleteKeyA
LookupAccountSidA
CryptGetDefaultProviderW
CryptSetHashParam
CryptReleaseContext
LookupAccountSidW
LookupPrivilegeNameW
CryptVerifySignatureW

wininet

FindFirstUrlCacheGroup
InternetQueryOptionW
InternetReadFileExA
GopherFindFirstFileA
RegisterUrlCacheNotification
DeleteUrlCacheEntry
InternetQueryDataAvailable
HttpCheckDavCompliance
InternetAutodialHangup
InternetQueryFortezzaStatus

kernel32

GetOEMCP
GetLocaleInfoW
TlsGetValue
SetCurrentDirectoryW
RtlUnwind
GetConsoleTitleW
GlobalUnfix
GetEnvironmentStrings
LoadLibraryA
InterlockedDecrement
GetModuleFileNameA
GetCommandLineA
GetProcessHeap
VirtualAlloc
EnumResourceNamesW
GetProcAddress
GetLocaleInfoA
WaitForMultipleObjects
TerminateProcess
IsValidCodePage
GetCurrentProcess
DeleteFiber
SetHandleCount
GetDateFormatA
GetTimeZoneInformation
ExitProcess
RaiseException
FreeEnvironmentStringsW
SetLastError
QueryPerformanceCounter
GetNumberFormatW
HeapCreate
TlsAlloc
HeapSize
GetACP
FindAtomA
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetLastError
TlsFree
EnumSystemLocalesA
WaitForMultipleObjectsEx
FreeEnvironmentStringsA
CompareStringW
GetCurrentThread
GetUserDefaultLCID
HeapFree
LeaveCriticalSection
SetConsoleCtrlHandler
GetStringTypeA
VirtualFree
GetCurrentProcessId
GetStringTypeW
Sleep
GetCPInfo
HeapDestroy
SetConsoleTitleA
LCMapStringW
WritePrivateProfileStructW
LCMapStringA
EnterCriticalSection
IsDebuggerPresent
TransactNamedPipe
WriteFile
GetSystemTimeAsFileTime
GetThreadPriority
GetFileType
HeapAlloc
GetEnvironmentStringsW
InterlockedExchange
GetStartupInfoA
UnhandledExceptionFilter
GetDiskFreeSpaceA
GetStdHandle
FreeLibrary
GetTimeFormatA
WideCharToMultiByte
GlobalHandle
HeapReAlloc
DeleteCriticalSection
SetEnvironmentVariableA
TlsSetValue
CompareStringA
GetTickCount
GetModuleHandleA
ResetEvent
LocalUnlock
VirtualQuery
IsValidLocale
SetSystemTime
MultiByteToWideChar
ReleaseSemaphore
InterlockedIncrement
GetCurrentThreadId
SetUnhandledExceptionFilter

comdlg32

ReplaceTextA
FindTextW
GetOpenFileNameA
PrintDlgA
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameA
GetSaveFileNameW
ChooseFontA
ChooseColorA

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3be60c3cda33cde5a2ef0d706fba8fc8

Headers

File Characteristics

Imports

gdi32

shell32

advapi32

wininet

kernel32

comdlg32

Sections

.text Size: 149KB - Virtual size: 148KB

.data Size: 141KB - Virtual size: 141KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 149KB - Virtual size: 148KB

.data
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 6KB - Virtual size: 6KB