41b007b09b3da5bf2f1e6bf34d7ca6c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41b007b09b3da5bf2f1e6bf34d7ca6c1_JaffaCakes118
Size

589KB
MD5

41b007b09b3da5bf2f1e6bf34d7ca6c1
SHA1

1c1b84e1cf1576f8d5c9622aad42def01c48a493
SHA256

9f44eaf881e2e145794a360aca1cdd2e9ac2e020e59b1829ea8f92d4fd3eebd0
SHA512

50347bc41495d893c1c71fdb0b36bb2a56d672d7af9c3ad0dcc8cfd334ead9c96c849863afaeb3d555924de61a79febc5a39e6ba2b965c4289b2c96ab2584ec3
SSDEEP

12288:MUiTFXMfffP5dgVHYPT4m90rrYQp48+0I6O4lNh7vaqFaFmSiyyjKF:MUihXy/YClF6O4HhBd8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b007b09b3da5bf2f1e6bf34d7ca6c1_JaffaCakes118

Files

41b007b09b3da5bf2f1e6bf34d7ca6c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f7d73efdd4130c7c591bc877d0eedde

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pulls\\Release\conclusion.pdb

Imports

kernel32

WideCharToMultiByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
GetProcAddress
IsDBCSLeadByte
SetEndOfFile
GetStringTypeW
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
HeapCreate
TlsFree
TlsSetValue
InitializeCriticalSectionAndSpinCount
TlsAlloc
LoadLibraryW
SetHandleCount
SetFilePointer
ReadFile
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
EncodePointer
GetFileType
WriteConsoleW
DecodePointer
ExitProcess
GetModuleHandleW
InterlockedPopEntrySList
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
lstrlenW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrcpyA
lstrcmpA
GetVersionExA
FlushInstructionCache
SetLastError
SetFileAttributesA
DeactivateActCtx
DebugSetProcessKillOnExit
CreateThread
SetEvent
WaitNamedPipeA
CreateFileA
lstrlenA
WriteFile
ExitThread
GetCurrentProcessId
CreateFileW
GetFileSize
RaiseException
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryA
GetLastError
GlobalGetAtomNameW
OpenProcess
GetCurrentProcess
DuplicateHandle
CloseHandle
GlobalDeleteAtom
MapViewOfFile
GlobalAlloc
UnmapViewOfFile
GlobalFree
CreateFileMappingW
GlobalAddAtomW
EnumSystemCodePagesW
lstrcpynA
MultiByteToWideChar
GetModuleFileNameW
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
VirtualAlloc
CreateEventA
WaitForSingleObject
GetCurrentThread
Sleep
OutputDebugStringA
GetModuleHandleA
FreeLibrary
TlsGetValue

user32

GetActiveWindow
GetParent
GetWindowLongA
MonitorFromWindow
IsClipboardFormatAvailable
GetMenuItemID
GetWindowTextLengthA
GetMenuItemCount
DialogBoxParamA
EndDialog
RegisterClassExA
MapWindowPoints
MoveWindow
ClientToScreen
GetWindowRect
AdjustWindowRectEx
DrawIcon
InsertMenuA
CheckMenuRadioItem
GetMenu
DrawTextA
MonitorFromPoint
GetMenuItemInfoA
SetMenuItemInfoA
SetRectEmpty
SystemParametersInfoA
GetWindowDC
ReleaseDC
GetMonitorInfoA
IsDialogMessageA
GetWindowInfo
DrawIconEx
GetDesktopWindow
GetTopWindow
GetWindowThreadProcessId
GetWindow
DestroyIcon
LoadBitmapA
CopyRect
DrawStateA
ScrollWindow
GetScrollInfo
SetScrollInfo
UnionRect
SetRect
GetSystemMetrics
PeekMessageA
DefWindowProcA
DrawEdge
SetWindowLongA
OffsetRect
EnableMenuItem
IsDlgButtonChecked
RedrawWindow
UnregisterClassA
LookupIconIdFromDirectory
GetCursorInfo
InvalidateRect
DrawTextW
UpdateWindow
CreateDialogParamA
InsertMenuItemA
CharToOemA
SetTimer
GetLastActivePopup
HideCaret
CharNextA
GetWindowTextW
BeginPaint
GetSysColor
LoadCursorA
SetCursor
GetClientRect
FillRect
EndPaint
CallWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
SendMessageA
DestroyWindow
LoadImageA
GetCursorPos
ShowWindow
SetWindowPos
SetWindowTextA
PostQuitMessage
LoadIconA
LoadStringA
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetRawInputData
TrackMouseEvent
MessageBoxA
KillTimer

gdi32

CreateRoundRectRgn
ChoosePixelFormat
CreateDIBSection
GetStockObject
SetBoundsRect
Rectangle
ExtTextOutA
GetCurrentObject
SetTextColor
DeleteObject
CreateFontIndirectA
DeleteDC
CreatePen
CreateSolidBrush
SetBkMode
CombineRgn
CreateRectRgn
CreateFontW
SetBkColor
SetTextAlign
ExtTextOutW
CreateBitmap
SelectObject
CreateCompatibleDC
GetObjectA
BitBlt
SetBrushOrgEx
PatBlt
AddFontResourceExW
CreatePatternBrush

advapi32

RegCreateKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
GetSecurityDescriptorDacl
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
ImpersonateAnonymousToken
OpenThreadToken

shell32

SHBrowseForFolderA
Shell_NotifyIconA
ord256
ord3
ShellExecuteA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
CoUninitialize
CoTaskMemFree

oleaut32

OleTranslateColor
VarUI4FromStr

shlwapi

PathRemoveFileSpecW
PathFileExistsW
StrToIntExA

comctl32

ImageList_LoadImageA
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
ord17
ImageList_Draw
ImageList_GetIcon

opengl32

glMatrixMode
glFrustum

ws2_32

accept
shutdown
closesocket
send
WSAAsyncSelect

avifil32

AVIStreamWrite

msacm32

acmDriverClose

winmm

timeGetDevCaps
timeSetEvent
timeKillEvent
timeEndPeriod
waveInGetNumDevs
waveInGetDevCapsA
waveOutGetNumDevs
waveOutGetDevCapsA
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInOpen

activeds

ord9

rasapi32

RasEnumEntriesW

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f7d73efdd4130c7c591bc877d0eedde

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

opengl32

ws2_32

avifil32

msacm32

winmm

activeds

rasapi32

Sections

.text Size: 271KB - Virtual size: 270KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 71KB - Virtual size: 79KB

Size: 512B - Virtual size: 38B

.rsrc Size: 204KB - Virtual size: 204KB

.text
Size: 271KB - Virtual size: 270KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 71KB - Virtual size: 79KB

.rsrc
Size: 204KB - Virtual size: 204KB