Static task: static1
Behavioral task: behavioral1
Sample: 41172a58eeefda0aa2f558259d97d73b_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 41172a58eeefda0aa2f558259d97d73b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 41172a58eeefda0aa2f558259d97d73b_JaffaCakes118
Size: 364KB
MD5: 41172a58eeefda0aa2f558259d97d73b
SHA1: 2a4e810496506bbf822f9aaf3c493fcc6b007b9e
SHA256: 8b0837a9e98f7ae670c8c59b7a0574a057828b5ecbf3e725725eae928f543290
SHA512: 0545f6ebb1604001646b3382753aef540d1203c434303b67ac03f2136d506a04ea83519e3f8dd7b0423e29a9475f8bbbf4ebc16a6307435fb31ecf5de8263fa2
SSDEEP: 6144:Or/36F46rQl4vvqV7ymWwlglWTyOkPivTWt8hwVCjR+8avYMQqOoS+tBRX:o/B2vqZ9mWhkPivTrhwViRHav9Ql+tB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41172a58eeefda0aa2f558259d97d73b_JaffaCakes118
Files
41172a58eeefda0aa2f558259d97d73b_JaffaCakes118.exe windows:4 windows x86 arch:x86
ce55e4065636d9ed3bae131fc0f412cc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetNumberFormatW
VirtualProtect
GetVersionExA
GetTimeZoneInformation
RemoveDirectoryW
IsProcessorFeaturePresent
GetCPInfo
DebugBreak
QueryDosDeviceA
VirtualFree
GetSystemTime
SetHandleCount
ReleaseMutex
IsBadStringPtrA
GetCommandLineA
CreateWaitableTimerA
ScrollConsoleScreenBufferA
GetFileAttributesA
ExitProcess
WriteConsoleOutputW
SetCommTimeouts
FindCloseChangeNotification
user32
DefFrameProcA
OemKeyScan
EnumDisplaySettingsA
GetMenuItemInfoW
GetClassInfoExW
ArrangeIconicWindows
GetWindowLongA
GetForegroundWindow
UnregisterClassA
GetWindowPlacement
CharUpperBuffA
ChangeClipboardChain
GetDlgItemInt
GetWindowLongW
IsCharAlphaNumericA
GetMenuStringA
InSendMessage
SendMessageA
ModifyMenuW
GetMenuItemRect
EnumWindows
TabbedTextOutW
InvalidateRgn
SendNotifyMessageA
GetMenu
EnumDisplaySettingsExA
EqualRect
GetMenuInfo
SetWindowLongA
IsCharLowerW
DrawTextExA
PtInRect
UnregisterClassW
PostQuitMessage
SetPropW
RemovePropA
IsClipboardFormatAvailable
SetScrollPos
gdi32
RestoreDC
SetAbortProc
SetWindowExtEx
DeleteEnhMetaFile
StartDocA
GetMapMode
CreateFontW
GetPaletteEntries
PolyPolyline
GetNearestColor
FillPath
comdlg32
PageSetupDlgA
GetOpenFileNameW
advapi32
GetSecurityDescriptorGroup
AdjustTokenPrivileges
CryptGenRandom
CloseServiceHandle
OpenSCManagerW
EnumServicesStatusA
ReadEventLogW
ReportEventW
RegQueryInfoKeyW
OpenProcessToken
SetTokenInformation
PrivilegeCheck
MakeSelfRelativeSD
GetTokenInformation
RegCreateKeyW
GetExplicitEntriesFromAclW
ObjectCloseAuditAlarmW
StartServiceCtrlDispatcherW
LogonUserA
SetNamedSecurityInfoW
EqualSid
ImpersonateSelf
AddAccessAllowedAce
shell32
ExtractIconExW
SHGetSettings
ExtractIconA
ole32
OleIsRunning
GetClassFile
OleFlushClipboard
OleCreateMenuDescriptor
IIDFromString
oleaut32
SafeArrayUnaccessData
SysFreeString
LoadTypeLi
shlwapi
UrlCombineW
PathIsUNCW
StrPBrkW
PathIsDirectoryW
PathRemoveBlanksW
SHAutoComplete
Sections
.text Size: 332KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE