41822e0dd51b2229991269d3d85ff3c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41822e0dd51b2229991269d3d85ff3c2_JaffaCakes118
Size

320KB
MD5

41822e0dd51b2229991269d3d85ff3c2
SHA1

1d63cfbc5661309e85fa226c6aafb56486215990
SHA256

dfcec74f0760fe65db368fb3422a66cdf27b540c134392aa1fae0c10e8c9da19
SHA512

19cd4aff201be42e202c62dc58aa5e52b8e67315462d7698a938192ab8f238524dcee8c33530428363865deb758b95bea8d385c0cab3e4e04983b29194d5f29f
SSDEEP

6144:ZVVfkJauYbKI8AJTMge0R9XJmmYY2jOs5R+vZ7P8:ZVV8JhYnljmc2Smc70

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41822e0dd51b2229991269d3d85ff3c2_JaffaCakes118

Files

41822e0dd51b2229991269d3d85ff3c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e62992dc468056e5bcf1e04d69092c54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\isx

Imports

comctl32

ImageList_SetFilter
ImageList_Merge
CreateStatusWindowA
CreatePropertySheetPage
CreateUpDownControl
ImageList_DrawEx
ImageList_Replace
ImageList_SetIconSize
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_SetFlags
ImageList_DragMove
InitMUILanguage
ImageList_GetImageCount
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_AddIcon
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_DragShowNolock
CreateStatusWindowW
ImageList_GetFlags

kernel32

CompareStringA
SetFilePointer
lstrlenW
GetConsoleCP
GetConsoleOutputCP
GetModuleHandleA
GetEnvironmentStrings
GetPrivateProfileStructW
GetTickCount
GetModuleFileNameA
IsValidLocale
SetLastError
TlsSetValue
GetCommandLineW
PulseEvent
GetCPInfo
CreateFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
VirtualQuery
InterlockedIncrement
GetCurrentProcessId
InterlockedExchange
GetTimeFormatA
HeapCreate
GetConsoleScreenBufferInfo
FileTimeToDosDateTime
Sleep
GetCommandLineA
ReadConsoleOutputCharacterA
InitializeCriticalSection
CopyFileA
GetFileType
IsValidCodePage
WriteConsoleW
WideCharToMultiByte
LeaveCriticalSection
HeapAlloc
LCMapStringW
lstrcmpA
TlsGetValue
DeleteCriticalSection
FreeEnvironmentStringsA
LoadLibraryA
FindClose
EnumCalendarInfoA
GetEnvironmentStringsW
VirtualFree
TlsFree
SetConsoleCtrlHandler
HeapFree
UnhandledExceptionFilter
GetStringTypeW
HeapReAlloc
FreeEnvironmentStringsW
HeapDestroy
VirtualAlloc
ReadFile
EnterCriticalSection
GetStdHandle
GetProcessHeap
TerminateProcess
ExitProcess
LoadResource
GetTimeZoneInformation
GetCurrentThread
CreateMailslotA
GetModuleFileNameW
FreeLibrary
RtlUnwind
GetOEMCP
EnumSystemLocalesA
FindNextFileA
GetVersionExA
GetLocaleInfoA
GetDateFormatA
GetLocaleInfoW
CloseHandle
GetCurrentThreadId
InterlockedDecrement
GetStringTypeA
HeapSize
OpenMutexA
GetSystemTimeAsFileTime
WriteFile
FlushFileBuffers
GetCurrentProcess
GetProcAddress
GetStartupInfoW
SetStdHandle
GetLastError
SetEnvironmentVariableA
GetUserDefaultLCID
CompareStringW
CompareFileTime
MultiByteToWideChar
ReadConsoleA
GetConsoleMode
TlsAlloc
SetHandleCount
CreateMutexA
LCMapStringA
RemoveDirectoryW
QueryPerformanceCounter
EnumCalendarInfoExW
GetStartupInfoA
GetACP
WriteConsoleA

shell32

SheGetDirA
ExtractIconExA
SHChangeNotify

gdi32

SetAbortProc
GetObjectA
GetPaletteEntries
SelectClipRgn
CreateMetaFileA
StretchBlt
SetDIBits
SelectObject
OffsetRgn
StretchDIBits
GetTextFaceA
CreateICW
ScaleViewportExtEx
GetObjectW
GetICMProfileW
Ellipse
GetTextMetricsW
GetDeviceCaps
CopyMetaFileW
SetFontEnumeration
DeleteDC
DescribePixelFormat
UpdateColors
GetEnhMetaFileW
CreateDCA

user32

DdeFreeDataHandle
RegisterClassExA
GetAltTabInfo
IsRectEmpty
BeginDeferWindowPos
SwitchToThisWindow
GetClassInfoA
ShowWindow
SystemParametersInfoW
WindowFromPoint
RegisterClassW
OemKeyScan
BroadcastSystemMessageA
PeekMessageW
MessageBoxA
IsDlgButtonChecked
CreateWindowExA
SetWindowLongA
IsCharAlphaA
DdeQueryConvInfo
DdeAccessData
GetMessageTime
RegisterClassA
SetWindowPos
MapDialogRect
DestroyAcceleratorTable
InsertMenuItemW
TranslateMessage
EnableMenuItem
DestroyWindow
GetDoubleClickTime
DdeGetLastError
DefWindowProcA
SetMessageExtraInfo

advapi32

RegRestoreKeyA
RegCreateKeyA
RegOpenKeyExA
ReportEventA
RegLoadKeyW
CryptDeriveKey
CryptSetProviderW
RegDeleteKeyA
RegQueryValueW
DuplicateTokenEx
LookupPrivilegeValueA
CryptDecrypt
RegReplaceKeyW
CryptSetProviderA
LookupPrivilegeDisplayNameA
RegSetValueExW
InitiateSystemShutdownA
RegEnumValueA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e62992dc468056e5bcf1e04d69092c54

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

shell32

gdi32

user32

advapi32

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 92KB - Virtual size: 120KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 92KB - Virtual size: 120KB

.rsrc
Size: 36KB - Virtual size: 34KB