Static task: static1
Behavioral task: behavioral1
Sample: 41fb905823323881cc4dc33c0f1a1eeb_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 41fb905823323881cc4dc33c0f1a1eeb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 41fb905823323881cc4dc33c0f1a1eeb_JaffaCakes118
Size: 312KB
MD5: 41fb905823323881cc4dc33c0f1a1eeb
SHA1: 6406c035b89dd57731c74744d52fd37aadbd72ce
SHA256: 7707e696e05e3301531a3ef661f7ce033e7380975989444d05a281d34b15b0b1
SHA512: 62d1930407ce6067e21699421a5d1c187fbbc21422bd337da8e9998dab4be7e039f98f0379f1408c2ebc611867d897750170b0d80b6def051e20dcb59bd9e451
SSDEEP: 6144:IM9GXCPxdEzDqV4sciza11x/fIpyZ/jqcTmaVMv17MRA:jKCP3EHj/o+rqcTdqvc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41fb905823323881cc4dc33c0f1a1eeb_JaffaCakes118
Files
41fb905823323881cc4dc33c0f1a1eeb_JaffaCakes118.exe windows:4 windows x86 arch:x86
5238b2a43d12840ea2d0b5c5085483f5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
EraseTape
UnmapViewOfFile
LeaveCriticalSection
GetFileType
OutputDebugStringW
VirtualAllocEx
PrepareTape
GetLocaleInfoW
PeekConsoleInputW
VirtualQuery
GetCurrentProcess
lstrcmpiA
GetTempFileNameA
GetSystemDirectoryW
GetTapeParameters
AllocConsole
CreateEventA
ConnectNamedPipe
GetConsoleMode
ExitProcess
GetSystemTime
FindResourceExW
GetThreadPriority
WritePrivateProfileSectionW
GetCommState
_lread
PulseEvent
MultiByteToWideChar
IsDBCSLeadByteEx
GetTapeStatus
GetOEMCP
WritePrivateProfileSectionA
LoadLibraryExA
GetHandleInformation
FindFirstFileA
GetCommModemStatus
ClearCommBreak
SetVolumeLabelA
WritePrivateProfileStringW
GetModuleFileNameW
GetVolumeInformationW
GetFileInformationByHandle
GlobalFindAtomA
SetMailslotInfo
DosDateTimeToFileTime
CreateIoCompletionPort
CreateDirectoryA
VirtualFree
OpenSemaphoreW
GetConsoleCursorInfo
CreateMutexA
GetModuleHandleA
GetSystemInfo
lstrcmpA
_hread
FreeEnvironmentStringsA
DeleteCriticalSection
GetPrivateProfileSectionW
EnumResourceNamesA
PurgeComm
GlobalFlags
VirtualProtect
GetVersionExA
EnumCalendarInfoA
GetPrivateProfileStringA
EnumDateFormatsW
GetACP
SetThreadPriorityBoost
SetProcessWorkingSetSize
QueryDosDeviceW
FormatMessageA
SetNamedPipeHandleState
ReleaseMutex
GetEnvironmentVariableW
GetStartupInfoA
GetFullPathNameA
SetErrorMode
DuplicateHandle
WaitNamedPipeA
EnumSystemCodePagesW
CancelIo
GetFileAttributesExA
SetConsoleOutputCP
SetLastError
CreateFileW
InitializeCriticalSection
MoveFileW
VirtualAlloc
user32
DragDetect
CharToOemA
MoveWindow
SetWindowsHookExA
GetMenuStringA
SetRect
GetMessageExtraInfo
SendNotifyMessageA
CallWindowProcW
SetCursorPos
CharUpperW
ShowOwnedPopups
TranslateAcceleratorA
GetMessagePos
CreatePopupMenu
IsCharAlphaA
ClientToScreen
IsCharLowerW
MessageBeep
GetPropW
EnumDisplayDevicesW
CharPrevW
OpenInputDesktop
LoadIconW
GetClipCursor
SetClassLongW
GetMenuItemRect
WindowFromDC
LoadKeyboardLayoutA
DestroyIcon
DeferWindowPos
DrawCaption
IsCharUpperA
LoadCursorA
ShowCursor
GetDCEx
SendMessageA
SetProcessWindowStation
DrawTextExW
GetParent
MonitorFromRect
GetClassInfoW
GetProcessWindowStation
MessageBoxIndirectW
IsCharAlphaW
CreateDialogParamA
GetClipboardData
ChildWindowFromPointEx
VkKeyScanW
InsertMenuW
PeekMessageA
DefDlgProcA
comdlg32
ChooseFontA
advapi32
ImpersonateNamedPipeClient
CryptGetUserKey
RegEnumKeyExA
RegisterServiceCtrlHandlerA
SetFileSecurityW
SetServiceObjectSecurity
EnumDependentServicesW
RegGetKeySecurity
GetCurrentHwProfileW
PrivilegeCheck
SetServiceStatus
SetNamedSecurityInfoW
SetEntriesInAclA
GetSidSubAuthorityCount
RegSetValueExW
LookupPrivilegeNameA
GetServiceKeyNameW
ChangeServiceConfigW
OpenThreadToken
GetSecurityDescriptorControl
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ole32
CoGetInterfaceAndReleaseStream
CoSwitchCallContext
OleSaveToStream
CoTaskMemRealloc
oleaut32
SafeArrayGetElement
SysAllocStringLen
VariantCopy
SafeArrayGetLBound
comctl32
ImageList_SetOverlayImage
ImageList_DragShowNolock
shlwapi
PathAppendW
SHSetValueW
msvcrt
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 296KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE