36cc3400927d89b6e43582adc7146b9a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36cc3400927d89b6e43582adc7146b9a_JaffaCakes118
Size

191KB
MD5

36cc3400927d89b6e43582adc7146b9a
SHA1

a04264b5c5d1f7cded8f85bc341e9164316bb1bb
SHA256

a7045ec2b47609df677c922b593ca963d45b951e6526036932dd8af49bd543f7
SHA512

851a3bb9c6d6eb9e95bae7d47521fcfd69999146679610e20311fa92faa9959b7964127d8a57f666a33d12a23b9ce8ca4af53951eed3f41d13363a15685a8cfa
SSDEEP

3072:oj32H5zKbRzSBzNHwRL/pT4e6QuYHhcLatckYnL26sMiem0hA7nBR5zZdcO1c2:ojkzizL/94e6qHFOkYKahA7nNzcO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36cc3400927d89b6e43582adc7146b9a_JaffaCakes118

Files

36cc3400927d89b6e43582adc7146b9a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b92d21a2555200897cb989386a9231f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
VirtualAllocEx
GetProcAddress
VirtualAlloc
IsBadHugeReadPtr
CloseHandle
GetCommandLineW
Sleep
GetVersionExA
lstrlenA
GlobalAlloc
ExitProcess
ExitThread
GetStartupInfoA
lstrcpynA
ExitThread
GetModuleFileNameA

shell32

SHGetSpecialFolderLocation
SHGetFileInfoA
SHFileOperationA
Shell_NotifyIconA

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_Add
ImageList_Write
ImageList_Remove

shlwapi

SHQueryValueExA
SHGetValueA
PathGetCharTypeA
SHDeleteValueA
SHSetValueA
SHEnumValueA
PathFileExistsA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegOpenKeyA

msvcrt

malloc
log10
atan
wcstol
log10
exp
abs
memcpy
sqrt

comdlg32

FindTextA

oleaut32

VariantChangeType

version

GetFileVersionInfoSizeA
VerQueryValueA

user32

BeginPaint
AdjustWindowRectEx
CallNextHookEx

gdi32

GetDCOrgEx
LineTo
BitBlt
CreatePenIndirect
SetBkColor
GetRgnBox
CreatePalette
SetPixel
SaveDC

ole32

MkParseDisplayName
CoCreateGuid
CoGetObjectContext
OleCreateStaticFromData
CreateStreamOnHGlobal
StgOpenStorage
GetHGlobalFromStream

Sections

CODE
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b92d21a2555200897cb989386a9231f

Headers

File Characteristics

Imports

kernel32

shell32

comctl32

shlwapi

advapi32

msvcrt

comdlg32

oleaut32

version

user32

gdi32

ole32

Sections

CODE Size: 45KB - Virtual size: 44KB

.rdata Size: 1024B - Virtual size: 672B

.data Size: 8KB - Virtual size: 72KB

.bdata Size: 2KB - Virtual size: 1KB

.adata Size: 128KB - Virtual size: 127KB

.cdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 980B

CODE
Size: 45KB - Virtual size: 44KB

.rdata
Size: 1024B - Virtual size: 672B

.data
Size: 8KB - Virtual size: 72KB

.bdata
Size: 2KB - Virtual size: 1KB

.adata
Size: 128KB - Virtual size: 127KB

.cdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 980B