36af0a9bc44aca0d788f7247864c96f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36af0a9bc44aca0d788f7247864c96f3_JaffaCakes118
Size

97KB
MD5

36af0a9bc44aca0d788f7247864c96f3
SHA1

ac511afd066890109de51adf4650991b6acc7ed5
SHA256

d93b3ca62045eacda96d6fd327cffee8f2956056f6d42b63f29fb5034b6e9bac
SHA512

add9a95558ea75d132ea8bf1ceb26ef4251c213e58c60ceaed9fbfc5f8ea375a3b47df86679f6fc7e73d7c39e663f61475a82f3a88ef38742b512977f5b401ea
SSDEEP

1536:kLTNvosua4mJQ02suWRt/+/ZRdXXAAbfCuxvHnZG+sqbUvKQ1:mNQsBHT53uvdnAAbfXxvE+smyKO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36af0a9bc44aca0d788f7247864c96f3_JaffaCakes118

Files

36af0a9bc44aca0d788f7247864c96f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85ba3b7dc7bd6d58c4a26ad72886b660

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tan
strcmp
memmove
calloc
memcpy

kernel32

GetStringTypeA
HeapFree
MoveFileExA
CreateEventA
GetDateFormatA
GetStdHandle
LoadLibraryExA
WideCharToMultiByte
GetACP
EnterCriticalSection
VirtualQuery
FormatMessageA
MulDiv
SetErrorMode
GetVersionExA
GetCurrentProcess
LoadLibraryA
SetEvent
HeapAlloc
LocalAlloc
SetEndOfFile
SetHandleCount
lstrcmpiA
CloseHandle
ResetEvent
GetFileSize
GlobalDeleteAtom
GetCommandLineA
DeleteFileA
VirtualAllocEx
GetModuleFileNameA
GetVersion
SetFilePointer
GetLocalTime
LocalReAlloc
ExitThread
FindClose
SizeofResource
GetModuleHandleA
GetCurrentProcessId
GetThreadLocale
lstrcpyA
GetStartupInfoA
InitializeCriticalSection
WaitForSingleObject
LockResource
GetOEMCP
GetFileAttributesA
GetSystemDefaultLangID
lstrlenA
GetStringTypeW
GlobalAlloc
CreateFileA
GetFileType
FreeLibrary
RaiseException
MoveFileA
Sleep
ExitProcess
GetCPInfo
LoadResource
GetDiskFreeSpaceA
SetLastError
VirtualFree
GetCurrentThreadId

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
DragQueryFileA

shlwapi

SHDeleteValueA

user32

IsChild
MessageBoxA
IsWindowVisible
SetCursor
GetFocus
GetCursor
GetDesktopWindow
DefWindowProcA
IsDialogMessageA
GetClipboardData
SetWindowPos
GetSysColor
DrawIconEx
CheckMenuItem
GetMenuItemID
FrameRect
GetActiveWindow
GetSubMenu
EnumChildWindows
CreatePopupMenu
CharLowerBuffA
GetCapture
DefMDIChildProcA
GetDC
DefFrameProcA
GetMenuItemInfoA
GetForegroundWindow
GetMenuItemCount
GetDCEx
CharLowerA
SetWindowLongA
EnableScrollBar

gdi32

CreateBrushIndirect
CopyEnhMetaFileA
CreateCompatibleBitmap
CreateFontIndirectA

ole32

CreateStreamOnHGlobal
CoGetMalloc
CoUnmarshalInterface
CreateBindCtx
CoUninitialize
CoDisconnectObject
CoCreateFreeThreadedMarshaler

version

VerInstallFileA

oleaut32

VariantChangeType
GetErrorInfo

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85ba3b7dc7bd6d58c4a26ad72886b660

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

shlwapi

user32

gdi32

ole32

version

oleaut32

Sections

.text Size: 48KB - Virtual size: 48KB

DATA Size: 512B - Virtual size: 168B

.tls Size: 47KB - Virtual size: 46KB

.text
Size: 48KB - Virtual size: 48KB

DATA
Size: 512B - Virtual size: 168B

.tls
Size: 47KB - Virtual size: 46KB