41e5bcbfbcb94c95f9f31eaa8364ae9b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41e5bcbfbcb94c95f9f31eaa8364ae9b_JaffaCakes118
Size

84KB
MD5

41e5bcbfbcb94c95f9f31eaa8364ae9b
SHA1

f7940fab8a49f70fdce16efc18f85e504c57787f
SHA256

4f1fed59eaab6a7af86370ebd8f229927079b78765f75bad916a5adab37ef804
SHA512

916537727eee5f029d9d1b05bdf7e46a9937e786b82fbb550abbe927f6ad5a3892d6d6b4d4ab121ea27a34080282cc3e8bb93fa6ebb582949323ac813b3126ef
SSDEEP

1536:LZXIITaO1l9BOBaqCxf2o3ZW3q2yDGatBLxMgVi:xh9qtXSBLSn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41e5bcbfbcb94c95f9f31eaa8364ae9b_JaffaCakes118

Files

41e5bcbfbcb94c95f9f31eaa8364ae9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53e4d80b8f2edc278ee60a30380c283f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegDeleteKeyA
RegReplaceKeyW
RegDeleteValueA
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegReplaceKeyA
RegQueryValueA
RegDeleteValueW
RegOpenKeyA
RegQueryValueW
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegLoadKeyW
RegGetKeySecurity
RegEnumKeyExW

comctl32

ImageList_AddMasked
ImageList_Read
ImageList_AddIcon
ImageList_DrawEx
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_LoadImage
ImageList_Create
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Copy
ImageList_EndDrag
ImageList_GetIcon
ImageList_DragLeave
ImageList_Replace
ImageList_LoadImageA

user32

DrawIcon
EndDialog
AlignRects
DrawTextA
AppendMenuW
GetFocus
LoadCursorA
GetWindowTextA
DialogBoxParamW
InsertMenuA
CreateIcon
DrawIconEx
GetWindowTextLengthA
CopyRect
GetMenu
DrawTextW
CopyImage

kernel32

SetLastError
GetLastError
ReadFile
GetCPInfo
DeleteFileA
CopyFileA
FindAtomA
CreateThread
GetConsoleMode
OpenFile
GetFileTime
CopyFileW
ReadConsoleA
GetCommandLineA
Sleep
GlobalFree
GetFileSize
OpenFileMappingA
CopyFileExA
WriteFile

gdi32

AddFontResourceExA
GetBitmapBits
GetPixel
GetDCOrgEx
AddFontResourceExW
CloseMetaFile
CopyMetaFileA
AbortPath
ExtTextOutA
GetPixel
GetClipBox
CloseFigure
DeleteObject
AddFontResourceTracking
AddFontResourceA
SetTextColor

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53e4d80b8f2edc278ee60a30380c283f

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 112KB

.reloc Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 112KB

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB