41858b55ac10a1fd7fdaec03410e0c8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41858b55ac10a1fd7fdaec03410e0c8c_JaffaCakes118
Size

284KB
MD5

41858b55ac10a1fd7fdaec03410e0c8c
SHA1

11072819b6eb847710bcc6d659d0c0bb75957566
SHA256

292921169bc0e55163be507d5a0e26d3181acbe81fac00400317164ef514b1c8
SHA512

0e76bb39f948f27923e75c4502bb1ab7169351e93626c62483f3143323731abccf6796c4e13ef4bf189cc83abc00f26791f4dd6fb81d8c2fa6a49afee9a75bee
SSDEEP

6144:wUsHklDPYctl7i3GqfXiwFn0MGevlEU/dbVU:wUsE5YW7GGqvIMr1/bU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41858b55ac10a1fd7fdaec03410e0c8c_JaffaCakes118

Files

41858b55ac10a1fd7fdaec03410e0c8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f534fae5a166564184a2bbf6070b8e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeImpersonateClient
RegisterClipboardFormatA
DlgDirSelectExA
GetDlgCtrlID
RealGetWindowClass
EnumDisplaySettingsExA
CallNextHookEx
DdeUnaccessData
GetWindowRgn
WindowFromDC
GetClassInfoExW
DialogBoxIndirectParamW
DdePostAdvise
CharLowerW
FlashWindowEx
ShowCursor
CreateMDIWindowA
RegisterClassExA
DefMDIChildProcA
PeekMessageW
EnumThreadWindows
LoadStringW
ScrollWindowEx
SetMenuItemBitmaps
InsertMenuA
EnumDisplaySettingsExW
GetIconInfo
GetUserObjectInformationW
LoadBitmapA
EnumClipboardFormats
ChangeMenuW
GetMonitorInfoA
OemKeyScan
GetNextDlgGroupItem
SetPropA
CloseClipboard
GetMessageExtraInfo
GetClipCursor
ShowCaret
BroadcastSystemMessageW
CharUpperA
WINNLSEnableIME
InsertMenuItemW
CreateIcon
DlgDirListComboBoxA
DdeInitializeA
DdeConnect
DdeSetQualityOfService
SetProcessDefaultLayout
RegisterClassA
TrackMouseEvent
SystemParametersInfoW
GetListBoxInfo
CreateWindowStationA
SetMessageExtraInfo
DrawTextA

comdlg32

GetOpenFileNameW
PrintDlgW

kernel32

GetTickCount
GetFileSize
GetTimeFormatA
TerminateThread
GetTimeZoneInformation
WriteFile
DuplicateHandle
OpenMutexA
GetSystemInfo
GetSystemTime
FindFirstFileW
SetThreadContext
HeapCreate
GetCurrentProcessId
CompareStringA
UnlockFile
LCMapStringW
GetCurrentThread
RaiseException
GetPrivateProfileStructW
SetFilePointer
MapViewOfFileEx
HeapFree
GlobalAddAtomW
VirtualQuery
FreeEnvironmentStringsA
GetStringTypeW
LoadLibraryA
GlobalFlags
FileTimeToDosDateTime
EnterCriticalSection
SetLocaleInfoA
GetModuleFileNameA
RtlUnwind
GetConsoleCP
FlushFileBuffers
GetDateFormatA
lstrcpynA
CreateMutexA
CreateFileMappingW
GetUserDefaultLangID
WriteConsoleInputW
UnhandledExceptionFilter
VirtualAlloc
GetNumberFormatW
VirtualAllocEx
LCMapStringA
GetProfileStringA
VirtualProtect
EnumCalendarInfoExA
GetVersionExA
IsValidLocale
CreateFileMappingA
IsValidCodePage
HeapDestroy
HeapAlloc
GetEnvironmentStringsW
SetCurrentDirectoryW
ReleaseMutex
SetLastError
CreateEventW
SetEnvironmentVariableA
WriteConsoleOutputAttribute
WritePrivateProfileSectionW
GetUserDefaultLCID
GetCommandLineA
InitializeCriticalSection
GetStringTypeA
GetThreadPriorityBoost
GetCurrentThreadId
TlsAlloc
GetCPInfo
CloseHandle
TlsGetValue
GetLocaleInfoA
DosDateTimeToFileTime
GetShortPathNameW
TerminateProcess
WaitForMultipleObjects
CreateNamedPipeA
SetConsoleTextAttribute
MultiByteToWideChar
CompareStringW
LoadLibraryExW
WriteProfileStringA
LocalAlloc
GlobalSize
SetVolumeLabelW
GetStartupInfoA
GetFileType
ReadFile
GetProcAddress
DeleteCriticalSection
FoldStringW
GetLastError
HeapSize
GetProcessHeap
SetVolumeLabelA
ExitProcess
SetHandleCount
SetConsoleScreenBufferSize
FreeEnvironmentStringsW
FindFirstFileA
VirtualFree
GetStdHandle
EnumSystemLocalesA
HeapReAlloc
FindNextFileW
GetACP
IsBadWritePtr
GetOEMCP
TlsFree
OutputDebugStringW
WriteProfileStringW
LocalHandle
EnumDateFormatsExW
LeaveCriticalSection
WritePrivateProfileSectionA
FindClose
GetCurrentProcess
GetLocaleInfoW
GlobalCompact
TlsSetValue
SetStdHandle
InterlockedCompareExchange
InterlockedExchange
WideCharToMultiByte
EnumResourceLanguagesW
GetModuleHandleA
GetEnvironmentStrings
ReadConsoleOutputW
CreateMailslotW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetThreadContext

comctl32

ImageList_Copy
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_Create
ImageList_DrawIndirect
ImageList_SetFlags
ImageList_Replace
InitCommonControlsEx
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_Remove
ImageList_Destroy
ImageList_GetImageRect

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f534fae5a166564184a2bbf6070b8e4

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

comctl32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 92KB - Virtual size: 116KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 92KB - Virtual size: 116KB

.rsrc
Size: 36KB - Virtual size: 33KB