36b3fe26f5f9a74707f8dee248053102_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36b3fe26f5f9a74707f8dee248053102_JaffaCakes118
Size

112KB
MD5

36b3fe26f5f9a74707f8dee248053102
SHA1

0d3d2cb0dd99b01366c33d6aeea557c4ca8edcf9
SHA256

c5e48f6086e7117c5fd19e5660b961953a27b70f21ea5629984ad7c0648b0f77
SHA512

af463d62ae275473f7db730f0f4f76afd2e3ff00e977bdfb9277e0c192906cebfa9594fbb71564de108f95fcce470a0089d9850d97add207fd4af3dd91b3beef
SSDEEP

1536:g3Uvd0Peh38OOZHpUtBVrwJM8y0mEutjhJX3JS5CUlFQsod7flb4:TJh3Zdi6G2jHJhUlFQsod7flb4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b3fe26f5f9a74707f8dee248053102_JaffaCakes118

Files

36b3fe26f5f9a74707f8dee248053102_JaffaCakes118
.exe windows:4 windows x86 arch:x86

609fd50223f731a7e9f752df5e5feac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrA
PathFileExistsA

ws2_32

setsockopt

kernel32

GetLocaleInfoA
InitializeCriticalSection
WideCharToMultiByte
lstrcatA
GetACP
MultiByteToWideChar
lstrlenW
RaiseException
InterlockedExchange
GetLastError
GetThreadLocale
GetProcAddress
LoadLibraryA
DeleteTimerQueue
GetModuleFileNameA
DeleteCriticalSection
GetVersionExA
CloseHandle
lstrcpyA
GetTickCount
GetStdHandle
ReleaseMutex
ResumeThread
Sleep
GetVolumeInformationA
SetFileAttributesA
lstrlenA
CreateFileA
GetFileSize
ExpandEnvironmentStringsA
WriteFile
ReadFile
lstrcmpA
WaitForSingleObject
CreateEventA
lstrcmpiA
ResetEvent
GetCurrentThreadId
GetTempPathA
TerminateThread
GetVersion
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
LCMapStringA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
GetSystemInfo
GetStringTypeW
DeleteFileA
VirtualProtect
GetStringTypeA
FlushFileBuffers
GetCPInfo
GetOEMCP
SetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetCurrentProcessId
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetFileType
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter

user32

OpenIcon
CharToOemA
GetGuiResources

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegSetValueA

ole32

CoCreateInstance
CoInitializeEx
CoInitialize
CoUninitialize

shell32

ShellExecuteA
CommandLineToArgvW
SHGetSpecialFolderPathA

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

609fd50223f731a7e9f752df5e5feac9

Headers

File Characteristics

Imports

shlwapi

ws2_32

kernel32

user32

advapi32

ole32

shell32

oleaut32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 848B

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 848B