36b589105f8675bf422696b8ae8c5ef9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36b589105f8675bf422696b8ae8c5ef9_JaffaCakes118
Size

139KB
MD5

36b589105f8675bf422696b8ae8c5ef9
SHA1

324630e820b8d1f1cead06914fcc6ab4623e029a
SHA256

422feb8c9c9858882abed0e02cf82eb936f0adf8165c2245cab9558c5e350807
SHA512

377837d08ea0348ae256da305ae658bf8ad2015a8b27ce903df7c60e0b207a1305cf6980f8a178295d9e5afcb37dabb93ddaeb9d91c75ac6856c2cc97b39aeec
SSDEEP

3072:7mpIev6EFGLObwce3eykx4KoTehB7VUv6h+D3WfR16H3h05B03x:xu6ESObR5yxTef7ViGfbiUBKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b589105f8675bf422696b8ae8c5ef9_JaffaCakes118

Files

36b589105f8675bf422696b8ae8c5ef9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a7dc815a6240bcfdd24edf64c4d804c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HBRUSH_UserFree
OleCreateDefaultHandler
CoGetDefaultContext
CoQueryAuthenticationServices
ComPs_NdrDllGetClassObject
OleNoteObjectVisible
CoAllowSetForegroundWindow
CoLoadLibrary
CoPushServiceDomain
CoFreeUnusedLibrariesEx
HMETAFILE_UserMarshal
HMENU_UserSize
HPALETTE_UserFree
FmtIdToPropStgName
HGLOBAL_UserMarshal
CoQueryProxyBlanket
CreateItemMoniker
CoInitializeSecurity
CoGetObject
CoGetMarshalSizeMax
CoLockObjectExternal
OleRegEnumFormatEtc
WriteClassStm
OleConvertIStorageToOLESTREAMEx
CoGetInterceptorFromTypeInfo
SNB_UserFree
OleBuildVersion
RevokeDragDrop
CoSetProxyBlanket
OleGetAutoConvert
OleQueryCreateFromData
HWND_UserMarshal
DllGetClassObject

kernel32

PeekConsoleInputW
GetLocaleInfoW
Process32NextW
GetFullPathNameW
GetModuleHandleW
LoadLibraryW
DeleteFiber
SetPriorityClass
FlushConsoleInputBuffer
LocalHandle
VirtualAllocEx
GetCurrentThread
GetSystemDefaultUILanguage
Heap32Next
GetUserDefaultUILanguage

dssec

DllCanUnloadNow
DSCreateISecurityInfoObject
DllGetClassObject
DSCreateSecurityPage
DSCreateISecurityInfoObjectEx
DSEditSecurity

perfctrs

CollectNbfPerformanceData
CloseDhcpPerformanceData
OpenDhcpPerformanceData
OpenNbfPerformanceData
CloseTcpIpPerformanceData
OpenNWNBPerformanceData
CollectNWNBPerformanceData
OpenTcpIpPerformanceData

faultrep

ReportHang
AddERExcludedApplicationA
AddERExcludedApplicationW
ReportFault

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a7dc815a6240bcfdd24edf64c4d804c

Headers

File Characteristics

Imports

ole32

kernel32

dssec

perfctrs

faultrep

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 10KB - Virtual size: 9KB