41bbf598ed274573cbc37a2cee6db3eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41bbf598ed274573cbc37a2cee6db3eb_JaffaCakes118
Size

308KB
MD5

41bbf598ed274573cbc37a2cee6db3eb
SHA1

0e583fb854781587454df856df43400c1376f018
SHA256

90e5436c7324e389ed93444a735c68cea642ac4208f74da28b9dfe7994db11e5
SHA512

c4fb8579cc9ae045448fb9daf910f5b1f9405adc2f9929e822b8d9e1c837069cc56e2dc8147f0df8811d43a1529d5530bef7663dfab5b0c7486f2700d214d93f
SSDEEP

6144:FoVh6Z2OILeKv8nfIixdCAAq1WDKbgmw+xX90KDP4Er5doEBP0syvLbAC7:Fon6Z2SKgIixdJzFgmw+xXTDPD2syHA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41bbf598ed274573cbc37a2cee6db3eb_JaffaCakes118

Files

41bbf598ed274573cbc37a2cee6db3eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

790a0c1f1e545bf1c261a291f9237705

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
SetBkMode
DeleteObject
GetDeviceCaps
GetStockObject
CreateCompatibleDC
SelectObject
BitBlt
CreateSolidBrush

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

kernel32

Sleep
CreateProcessW
FindResourceW
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetCurrentThreadId
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
CompareStringA
RaiseException
GetCommandLineA
HeapSize
WideCharToMultiByte
lstrlenW
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
VirtualFree
RemoveDirectoryA
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LoadLibraryExW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
ResetEvent
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetStartupInfoW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
FindResourceA
FreeLibrary
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetVersion
SetEndOfFile
GetConsoleMode
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
GetFileAttributesW
GetModuleFileNameA
GetVersionExA
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
GetCurrentThread
FormatMessageA
TlsGetValue
FindClose
GlobalLock
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetCommandLineW
SetUnhandledExceptionFilter
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetUserDefaultLCID
GetSystemDefaultLangID
VirtualAlloc
GetStartupInfoA

advapi32

RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

user32

ScreenToClient
GetDlgItem
CreateWindowExA
SetWindowTextA
SetCapture
GetWindowRect
GetSystemMetrics
KillTimer
BeginPaint
EndPaint
FillRect
SetTimer
GetSysColor
RegisterClassA
IsIconic
SetForegroundWindow
GetWindow
IsWindowEnabled
TranslateMessage
LoadCursorA
ShowWindow
DefWindowProcA
UpdateWindow
GetParent
DestroyWindow
GetClientRect
GetCursorPos
GetDC
DispatchMessageA
IsWindow
SetWindowPos
PostQuitMessage
PostMessageA
GetKeyState
InvalidateRect
SendMessageA
CallWindowProcA
EnableWindow
SetCursor
GetDesktopWindow
ReleaseDC
PeekMessageA
MessageBoxA
GetWindowLongA

msvcrt

_strcmpi
_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_except_handler3

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

790a0c1f1e545bf1c261a291f9237705

Headers

File Characteristics

Imports

gdi32

ole32

kernel32

advapi32

oleaut32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 280KB - Virtual size: 277KB

.rsrc Size: 4KB - Virtual size: 632B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 280KB - Virtual size: 277KB

.rsrc
Size: 4KB - Virtual size: 632B