d41c7554db541053625b9af614c3ab29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d41c7554db541053625b9af614c3ab29_JaffaCakes118
Size

273KB
MD5

d41c7554db541053625b9af614c3ab29
SHA1

7645b29a2ce25bafae7f3bbfc02ff5abd77766c6
SHA256

5c3a3865e3cd6cea63798b881134e8d133ed6f08dd671d7d79755dccdbc848cc
SHA512

0092fa857b7c93e52be84882b71174dcbfa35d9a11a1f85d6ac74b1e047182c0611eb7f13a420cfdb565fb1f4364108b1abaa6fe2cda6e135d49e16edb914e65
SSDEEP

6144:T9aXCzErPUVScQQTpfJeY+pOik+5Gmgqu6h4lQ9lypr5LbhZVdbw:24ErUSOTpxeY+AiTgNaqr5hZfc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d41c7554db541053625b9af614c3ab29_JaffaCakes118

Files

d41c7554db541053625b9af614c3ab29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28cd6447baeec47484d4697e38d8369f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
ResumeThread
QueryDosDeviceW
SetEndOfFile
FindFirstChangeNotificationW
SuspendThread
GetUserDefaultLangID
CloseHandle
SetThreadPriority
GetProcAddress
GlobalLock
FreeResource
LoadLibraryW
GlobalUnlock
WaitForMultipleObjects
lstrcpyW
SetWaitableTimer
FileTimeToSystemTime
GetLogicalDrives
VirtualAlloc
lstrlenW
CreateWaitableTimerW
CreateFileW
FreeLibrary
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
SetCurrentDirectoryW
LockResource
SetLastError
WideCharToMultiByte
GetTickCount
GetCurrentThreadId
FindNextChangeNotification
MulDiv
GetFileSize
WriteFile
VirtualFree
GetLastError
GlobalAlloc
GlobalDeleteAtom
InterlockedIncrement
GetPrivateProfileStringW
FindFirstFileW
SizeofResource
DeleteFileW
MoveFileW
GetSystemTime
GetCurrentProcessId
InterlockedDecrement
GetVersion
GetModuleFileNameW
SetFilePointer
CreateEventW
FindResourceExW
MultiByteToWideChar
GetFileAttributesExW
FindResourceW

user32

DestroyMenu
MessageBoxW
wsprintfW
GetCursorPos
GetWindowTextW
GetDlgItem
SystemParametersInfoW
PostThreadMessageW
GetSysColor
IsDlgButtonChecked
CreatePopupMenu
RegisterHotKey
GetWindowRect
ReleaseDC
DrawTextW
ReleaseCapture
LoadImageW
GetWindowThreadProcessId
EndDialog
GetWindowDC
DispatchMessageW
TranslateMessage
SetCapture
IsWindow
PostQuitMessage
RegisterWindowMessageW
VkKeyScanW
LoadBitmapW
SetCursor
SetWindowTextW
RegisterClassExW
DefWindowProcW
GetClassNameW
FillRect
DestroyIcon
DialogBoxParamW

gdi32

LineTo
Rectangle
CreateCompatibleBitmap
SetBkMode
DeleteDC
GetMapMode
SetTextColor
CreatePen
CreateICW
DeleteObject
CreateSolidBrush
StretchBlt
MoveToEx
CreateDCW
GetDeviceCaps
GetObjectW
SetMapMode
CreateFontIndirectW
DPtoLP
BitBlt

advapi32

LookupPrivilegeValueW
RegCreateKeyExW
GetUserNameW
StartServiceW
RegSetValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize
CoInitializeEx

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28cd6447baeec47484d4697e38d8369f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 242KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 244KB - Virtual size: 242KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB