41a5726ee14b36783b319a878e8c83a7_JaffaCakes118

General

Target

41a5726ee14b36783b319a878e8c83a7_JaffaCakes118
Size

225KB
MD5

41a5726ee14b36783b319a878e8c83a7
SHA1

fc60f0eea506d9b8e936fbbcc44b1073ba1a468d
SHA256

494b90e6798475cf2acd789d0c48790a2b4b4ade5539b8834a585e36a59ea790
SHA512

589f513967cb2e043ec2159e08d0bd1038c53c80e8c00be5236dafbaf64311e866b7b3261f7a63a1ad7f411871297f3dd2afc8d5aa8e44f18e4b808e6271b52b
SSDEEP

6144:N43cfoIDTxACNsoHHSQt6pxMdvj1k+pHKV3wvJk:GrIbzSVuHKRwvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41a5726ee14b36783b319a878e8c83a7_JaffaCakes118

Files

41a5726ee14b36783b319a878e8c83a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0472bc5b821ab4e27f2835c6847c53e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CancelDeviceWakeupRequest
CommConfigDialogW
ConvertThreadToFiber
CopyFileExW
EnumDateFormatsA
ExitProcess
GetNumberFormatW
GetPrivateProfileSectionNamesW
GetSystemInfo
GetTimeFormatW
GetWriteWatch
GlobalGetAtomNameA
GlobalMemoryStatus
Heap32ListNext
InitAtomTable
IsBadReadPtr
MapViewOfFile
OpenFileMappingA
SetConsoleTextAttribute
SetEnvironmentVariableW
SetSystemTime
UnlockFile
_llseek

user32

BringWindowToTop
BroadcastSystemMessageW
CascadeChildWindows
DdeConnect
DdeQueryStringA
DeleteMenu
DlgDirSelectComboBoxExW
DlgDirSelectExA
DrawIcon
EqualRect
GetInputDesktop
GetPropW
GetSubMenu
LoadStringA
MenuItemFromPoint
MessageBoxA
MonitorFromRect
RegisterHotKey
ScrollDC
SendDlgItemMessageW
SetLastErrorEx
SetRectEmpty
SetScrollRange
wsprintfA

gdi32

AnimatePalette
CopyEnhMetaFileW
CreateBitmapIndirect
CreateDIBitmap
CreateEllipticRgnIndirect
CreateFontA
CreatePen
CreatePolygonRgn
EndPath
EnumFontFamiliesExA
Escape
ExtFloodFill
FixBrushOrgEx
GdiGetBatchLimit
GetAspectRatioFilterEx
GetCharABCWidthsFloatW
GetCharWidthFloatW
GetCurrentObject
GetFontLanguageInfo
GetGlyphOutlineA
GetLogColorSpaceW
GetNearestColor
GetPixel
GetTextMetricsW
LPtoDP
LineDDA
PlayEnhMetaFileRecord
StartDocA
UpdateColors

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0472bc5b821ab4e27f2835c6847c53e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 223KB - Virtual size: 236KB

.idata Size: - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 204KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 223KB - Virtual size: 236KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 204KB