41107f5edbb5bb2f99e4fb542e28669b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41107f5edbb5bb2f99e4fb542e28669b_JaffaCakes118
Size

540KB
MD5

41107f5edbb5bb2f99e4fb542e28669b
SHA1

7380b160d0d08fd8270dfaf7df91994aee9e7047
SHA256

82d1283754df8765ce3c3199971557ba7d9b0ce875277568085ba13af9216c8e
SHA512

14390e298a4448dd11b8e5f8c24a525a9bac93eac300e7e533871f42f10adff20d160cda6f28b16b1fa0ca3d9dc5573838c7fcc8e5b8513d7611f6bdac665eae
SSDEEP

12288:Bio4dL+1Wvwtu262Y9Wj7IKCUOaqkBi18qo1Zce6cvSH3ZefHo5u4ke5tE:Bio4dLSWShbjXBivo1Ce6ca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41107f5edbb5bb2f99e4fb542e28669b_JaffaCakes118

Files

41107f5edbb5bb2f99e4fb542e28669b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ec9b95275a4c395ad9694ef72c04674

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\

Imports

advapi32

LookupAccountSidA
LookupPrivilegeValueA
RegEnumKeyW
RegQueryInfoKeyA
RegQueryValueExA
RegQueryValueExW
LookupAccountNameA
AbortSystemShutdownA
CreateServiceW
GetUserNameW
ReportEventW

shell32

SHGetDataFromIDListA
SHAppBarMessage
ExtractIconW
ShellExecuteEx
RealShellExecuteW

comctl32

ImageList_Create
CreateStatusWindowA
CreateMappedBitmap
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_BeginDrag
CreateToolbarEx
ImageList_SetDragCursorImage
ImageList_DrawEx
DrawStatusTextW
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent
DrawStatusText
ImageList_SetFlags
CreateStatusWindow
ImageList_AddMasked
CreateUpDownControl

gdi32

EnumFontFamiliesA
PlayEnhMetaFileRecord
EnumObjects
GetNearestColor
SetViewportExtEx
GetTextMetricsA
GetROP2
CreateDiscardableBitmap
SetViewportOrgEx
CreatePolyPolygonRgn
CreateRoundRectRgn
CreateColorSpaceA
CreateEllipticRgn
AddFontResourceW
GetPaletteEntries
UpdateICMRegKeyA
GetPixel
EnumICMProfilesA
RealizePalette

user32

PtInRect
GetCapture
ToUnicodeEx
ChangeDisplaySettingsExA
SetRectEmpty
MessageBoxA
GetMessageTime
SetProcessWindowStation
ImpersonateDdeClientWindow
BroadcastSystemMessageA
ShowWindow
TrackPopupMenu
DefWindowProcW
DdeConnect
CharUpperA
CreateWindowExA
SetClipboardViewer
MapVirtualKeyExW
ShowOwnedPopups
IsCharAlphaNumericA
WINNLSGetIMEHotkey
DestroyWindow
EndMenu
IsDlgButtonChecked
SendDlgItemMessageA
GetMessageA
OpenDesktopA
DdeUnaccessData
MessageBoxIndirectA
GetClassInfoW
IsMenu
GetMenuContextHelpId
DdeQueryConvInfo
PeekMessageA
GetCursor
SetWindowPos
CreateWindowExW
RegisterClassA
CreateDialogIndirectParamW
GetScrollBarInfo
ModifyMenuW
CharLowerA
SubtractRect
SetPropW
DrawMenuBar
ClientToScreen
RegisterClassExA
BringWindowToTop
InsertMenuItemA
RemovePropW
OemToCharBuffW
HideCaret
SetMenuInfo

kernel32

VirtualProtect
SetStdHandle
IsValidCodePage
FreeEnvironmentStringsA
LoadLibraryA
GetStartupInfoA
WriteConsoleW
CloseHandle
HeapReAlloc
GetEnvironmentStrings
TlsAlloc
FreeEnvironmentStringsW
GetTickCount
GetModuleHandleA
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
LCMapStringA
GetCurrentThread
GetVersionExA
GetProcAddress
RtlUnwind
MultiByteToWideChar
SetConsoleCtrlHandler
SetHandleCount
CreateFileA
LCMapStringW
UnhandledExceptionFilter
FreeLibrary
TlsSetValue
FlushFileBuffers
VirtualQuery
GetModuleFileNameA
GetTimeZoneInformation
ReadFile
TlsFree
GetCurrentProcess
EnterCriticalSection
GetStdHandle
GlobalSize
GetUserDefaultLCID
GetDateFormatA
FindNextFileW
GetLocaleInfoA
VirtualAlloc
GetCurrentProcessId
LocalFlags
CreateMutexA
InterlockedIncrement
TerminateProcess
HeapAlloc
SystemTimeToTzSpecificLocalTime
WideCharToMultiByte
InterlockedExchange
CompareStringA
GetACP
GlobalHandle
GetConsoleMode
HeapSize
GetCommandLineA
QueryPerformanceCounter
DeleteFiber
GetCPInfo
SetLastError
GetConsoleCP
ExitProcess
GetLastError
GetStringTypeA
GetEnvironmentStringsW
GetOEMCP
SetEnvironmentVariableA
WriteConsoleA
GetCurrentThreadId
EnumSystemLocalesA
LeaveCriticalSection
GetProcessHeap
Sleep
ReadConsoleOutputW
InitializeCriticalSection
InterlockedDecrement
GetTimeFormatA
GetLocaleInfoW
TlsGetValue
HeapFree
WriteFile
CompareStringW
SetUnhandledExceptionFilter
FlushViewOfFile
GetFileType
GetStringTypeW
IsDebuggerPresent
DeleteCriticalSection
GetPrivateProfileIntW
VirtualFree
GetConsoleOutputCP
IsValidLocale
SetFilePointer
OpenMutexA

comdlg32

FindTextA
ChooseColorW
PrintDlgA
ChooseColorA

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec9b95275a4c395ad9694ef72c04674

Headers

File Characteristics

PDB Paths

Imports

advapi32

shell32

comctl32

gdi32

user32

kernel32

comdlg32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 108KB - Virtual size: 130KB

.rsrc Size: 72KB - Virtual size: 70KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 108KB - Virtual size: 130KB

.rsrc
Size: 72KB - Virtual size: 70KB