41cddb92c40e1603cdd00456cf19b1b8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41cddb92c40e1603cdd00456cf19b1b8_JaffaCakes118
Size

448KB
MD5

41cddb92c40e1603cdd00456cf19b1b8
SHA1

c55741e0e2068f8f2c1f920822335ecf2816a17e
SHA256

fdadd323f4e3b7dfa61822fb9abe621a9dc0b79f465c8b767cee4f5ecf4bb194
SHA512

fcb9110cc2c6e469079c400ab2f2a7cd55c92011fcdcc7a38a4fb483489a2ac642e097bf9099a94063b4ff5e7450116f2ac581292f1b81a252731d6181a902d0
SSDEEP

6144:wQN9opCq9B2U1NZx9WRpRnbcE96n6+mpv2muhHklc37k8ztMj/+pLp:5opCQ4YWRnYE06+0BumlmkvzCp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41cddb92c40e1603cdd00456cf19b1b8_JaffaCakes118

Files

41cddb92c40e1603cdd00456cf19b1b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

982743084788149c6ce422e317f10d83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LoadLibraryA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
Sleep
GetModuleFileNameA
WriteFile
ExitProcess
RaiseException
GetFileType
GetStdHandle
SetHandleCount
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetCurrentThread
HeapAlloc
GetSystemInfo
GetProcAddress
WaitForSingleObject
GetVersionExA
FillConsoleOutputCharacterA
TlsFree
TlsSetValue
lstrcpynA
lstrcpyA
VirtualAlloc
OutputDebugStringA
GetModuleHandleA
CreateEventA
GetLastError
GetProcessHeap
lstrcmpA
HeapFree
TlsAlloc
TlsGetValue
HeapReAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FreeEnvironmentStringsA
GetFileInformationByHandle

user32

GetSystemMetrics
SendMessageA
IsWindowVisible
PostQuitMessage
GetClassNameA
EndDialog
InflateRect
ReleaseDC
GetClientRect
BeginPaint
IsClipboardFormatAvailable
GetMessageA
SetMenu
IsIconic
KillTimer
GetParent
GetFocus
GetWindow
LoadIconA
ClientToScreen
DispatchMessageA
CallNextHookEx
DrawFocusRect
LoadCursorA
CreateWindowExA
SetWindowPos
MapWindowPoints
TranslateMessage
RegisterClassExA
SetPropA
EndPaint
GetDC
GetCursorPos
GetWindowRect
UpdateWindow
DefWindowProcA
LoadAcceleratorsA
OffsetRect
DestroyWindow
SetFocus
DialogBoxParamA
EnumDesktopsA
MessageBeep
GetWindowLongA
LoadBitmapA
GetMenuCheckMarkDimensions
GetDesktopWindow
SetForegroundWindow
WindowFromPoint
TranslateAcceleratorA
ShowWindow
RemovePropA
CopyRect
SetActiveWindow
LoadStringA

gdi32

CombineRgn
ExtTextOutA
CreateDIBSection
SetPixelFormat
DeleteObject
CreateBitmapIndirect
GetPixel
DeleteDC
CreateCompatibleDC
SetBkColor
CreateRectRgn
SetTextJustification
CreateBitmap
SelectObject
CreateSolidBrush
BitBlt

comdlg32

GetOpenFileNameA

advapi32

AddAccessAllowedAceEx
RevertToSelf
SetEntriesInAclW
OpenThreadToken
AddAccessDeniedAce
UpdateTraceA
ImpersonateLoggedOnUser

shell32

Shell_NotifyIconA

ole32

CoInitialize
CoCreateInstance

oleaut32

SafeArrayAccessData
SafeArrayGetUBound
CreateStdDispatch
SafeArrayUnaccessData
SafeArrayGetLBound

ws2_32

WSAStartup

netapi32

NetWkstaUserEnum
NetApiBufferFree
NetWkstaSetInfo
NetWkstaGetInfo

msvfw32

ICCompressorChoose

msimg32

GradientFill

rpcrt4

RpcImpersonateClient

opengl32

glLoadIdentity
glOrtho
glViewport
glMatrixMode

glu32

gluLookAt

uxtheme

IsThemeBackgroundPartiallyTransparent

ntdsapi

DsReplicaVerifyObjectsA

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

982743084788149c6ce422e317f10d83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

netapi32

msvfw32

msimg32

rpcrt4

opengl32

glu32

uxtheme

ntdsapi

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 292KB - Virtual size: 289KB

We care about your privacy.

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 292KB - Virtual size: 289KB