36bb70cf3de4cd86a2bd6430c4e0baf2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36bb70cf3de4cd86a2bd6430c4e0baf2_JaffaCakes118
Size

170KB
MD5

36bb70cf3de4cd86a2bd6430c4e0baf2
SHA1

01325aed057246aa3cab63df908a166d2b7316d2
SHA256

1b6aab094c99e0b663eba397bb7ef951aabd1b661dcc53ed75f294aefc7ed230
SHA512

109217d2a44c4cb8f5c581772438c5f6d7d7bec98db7b9dfdb4a94fc17f0b38943d4ab0ef9b0487477fa12df04e0b547f4e4a13df9698cc1b861bc160da023ba
SSDEEP

1536:nc4b66DbgzVA/TartpuzCSsDlXwyQIKrb+DVdk:ncn6DkRA+hpoBsNBNpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36bb70cf3de4cd86a2bd6430c4e0baf2_JaffaCakes118

Files

36bb70cf3de4cd86a2bd6430c4e0baf2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

060c8f921ce146711f6b8b114da1df9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetModuleFileNameA
lstrcpyW
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoW
TerminateProcess
HeapFree
TerminateProcess
HeapFree
GetCurrentProcessId
GetProcAddress
GetLastError
UnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
ReadFile
FormatMessageW
ExitProcess
LeaveCriticalSection
MultiByteToWideChar
lstrlenW
GetProcessHeap
GetLastError
GetModuleFileNameA
lstrlenW
SetLastError
ReadFile
CreateFileW
HeapFree
GetStartupInfoW
InterlockedDecrement
GetCurrentThreadId
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
UnhandledExceptionFilter
HeapDestroy
FormatMessageW
HeapReAlloc
GetACP
SetLastError
DeleteCriticalSection
GetVersionExA
ExitProcess
GetProcAddress
GetLastError
HeapAlloc
SetUnhandledExceptionFilter
CloseHandle
SetLastError
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedIncrement
GetStartupInfoW
FormatMessageW
VirtualFree
GetModuleHandleW
GetStartupInfoA
EnterCriticalSection
GetCurrentThreadId
FormatMessageW
GetProcessHeap
InterlockedDecrement
SetFilePointer
lstrcmpiW
HeapReAlloc
GetCommandLineA
GetCommandLineA
UnhandledExceptionFilter
MultiByteToWideChar
FormatMessageW
DeleteCriticalSection
GetCurrentThreadId
Sleep
EnterCriticalSection
GetModuleHandleA
CreateThread
SetEvent
InterlockedIncrement
FormatMessageW
HeapFree
CloseHandle
GetTickCount
GetStartupInfoW
LeaveCriticalSection
CreateFileW
InterlockedDecrement
HeapDestroy
DeleteCriticalSection
SetLastError
Sleep
LocalFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
HeapDestroy
GetModuleFileNameA
HeapReAlloc
HeapReAlloc
FormatMessageW
GetProcessHeap
DeleteCriticalSection
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcmpiW
WaitForSingleObject
ReadFile
GetCommandLineA
GetModuleHandleW
GetModuleHandleA
lstrcmpiW
QueryPerformanceCounter
LocalFree
InterlockedDecrement
GetProcessHeap
InterlockedDecrement
GetCurrentProcess
FreeLibrary
LeaveCriticalSection
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
GetVersionExA
HeapFree
WideCharToMultiByte
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentThreadId
lstrcmpiW
MultiByteToWideChar
GetStartupInfoA
SetEvent
GetModuleHandleA
LocalFree
GetACP
GetCommandLineA
SetEvent
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetModuleFileNameA
ReadFile
WriteFile
LoadLibraryW
LeaveCriticalSection
ReadFile
GetModuleHandleA
LoadLibraryA
VirtualAlloc
DeleteCriticalSection
ExitProcess
SetFilePointer
GetCurrentThreadId
WriteFile
GetModuleHandleW
WideCharToMultiByte
GetProcessHeap
FreeLibrary
ExitProcess
SetEvent
WaitForSingleObject
CreateThread
GetCurrentProcessId
SetEvent
GetCurrentProcess
LocalFree
GetCurrentProcessId
HeapAlloc
GetCurrentProcessId
GetProcessHeap
lstrcpyW
GetCommandLineW
CreateThread
SetLastError
InterlockedIncrement
ExitProcess
TerminateProcess
ExitProcess
GetModuleHandleA
GetProcessHeap
GetCurrentProcess
LeaveCriticalSection
GetVersionExA
HeapDestroy
GetModuleHandleA
UnhandledExceptionFilter
TerminateProcess
GetACP
CreateFileW
EnterCriticalSection
GetVersionExA
QueryPerformanceCounter
HeapDestroy
GetModuleHandleA
SetFilePointer
FreeLibrary
GetCommandLineA
GetCommandLineA
GetProcessHeap
ReadFile
HeapReAlloc
InitializeCriticalSection
GetProcessHeap
lstrlenW
GetModuleFileNameA
SetUnhandledExceptionFilter
GetTickCount
GetStartupInfoW
GetProcAddress
UnhandledExceptionFilter
GetCommandLineW
WaitForSingleObject
lstrlenW
ReadFile
GetProcAddress
EnterCriticalSection
InterlockedDecrement
SetLastError
SetLastError
Sleep
lstrcmpiW
GetProcessHeap
MultiByteToWideChar
LoadLibraryW
VirtualFree
LoadLibraryW
EnterCriticalSection
TerminateProcess
ExitProcess
GetProcAddress
GetCommandLineW
FormatMessageW
FreeLibrary
GetACP
GetCommandLineW
SetFilePointer
VirtualAlloc
CreateFileW
GetVersionExA
CreateThread
WriteFile
SetFilePointer
GetCommandLineW
LocalFree
WideCharToMultiByte
VirtualAlloc
Sleep
GetModuleHandleA
GetModuleHandleA
HeapDestroy
Sleep
TerminateProcess
GetStartupInfoA
FreeLibrary
QueryPerformanceCounter
EnterCriticalSection
ReadFile
lstrcmpiW
HeapFree
InterlockedIncrement
lstrlenW
GetModuleHandleW
LoadLibraryW
MultiByteToWideChar
lstrcpyW
GetSystemTimeAsFileTime
ReadFile
CloseHandle
UnhandledExceptionFilter
GetModuleHandleA
LoadLibraryW
GetVersionExA
CloseHandle
QueryPerformanceCounter
FormatMessageW
ReadFile
SetFilePointer
SetFilePointer
LoadLibraryA
GetCommandLineW
GetCurrentThreadId
GetStartupInfoW

Sections

.text
Size: 138KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

060c8f921ce146711f6b8b114da1df9d

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 138KB - Virtual size: 152KB

.text Size: 512B - Virtual size: 4KB

.text Size: 7KB - Virtual size: 8KB

.text Size: 1024B - Virtual size: 4KB

.text Size: 2KB - Virtual size: 4KB

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 4KB

.text Size: 512B - Virtual size: 4KB

.text Size: 4KB - Virtual size: 4KB

.text Size: 4KB - Virtual size: 4KB

.text Size: 1024B - Virtual size: 4KB

.text Size: 512B - Virtual size: 4KB

.text Size: 3KB - Virtual size: 4KB

.text Size: 2KB - Virtual size: 4KB

.text
Size: 138KB - Virtual size: 152KB

.text
Size: 512B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.text
Size: 1024B - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 4KB

.text
Size: 512B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 4KB

.text
Size: 512B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 4KB