0041fb8637e5a9ffe5701278a84872df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0041fb8637e5a9ffe5701278a84872df_JaffaCakes118
Size

2.4MB
MD5

0041fb8637e5a9ffe5701278a84872df
SHA1

4aee976c6c8b4f2aac9840fa2bf224516b35b2ba
SHA256

e551001d4af29587096f2c53c093c952b945ae4968363bf49608922b0fdc289e
SHA512

184eb82715d954c9631ecbf5654ba0f0d72d2a156c23ad19baa24ebe1f7d94ccde7fade2d3d49d37d4e482dde145d7740fdbc8db41b63bbd4dee017c36954c52
SSDEEP

49152:qKdEXmtqWD1Om2XdUBwjcDMz4OUzO7o845FmC1N:96Wnkm2tUBw/4TyolTmC1N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0041fb8637e5a9ffe5701278a84872df_JaffaCakes118

Files

0041fb8637e5a9ffe5701278a84872df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6068b84d5b9513d61dea756c9288e6ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW

user32

ShowStartGlass
GetCaretPos
TabbedTextOutA
DestroyCaret
GetScrollRange
AdjustWindowRect
SetInternalWindowPos
FindWindowA
HideCaret
GetUserObjectInformationW
SetCaretPos

comctl32

ImageList_Write
ImageList_AddMasked

msvcrt

wcsrchr
_vsnprintf
fgetc
iswprint
getchar

gdi32

GetTextFaceW
CreateRectRgnIndirect
CreatePenIndirect
CreateRectRgn
DeleteObject
AddFontResourceW

kernel32

CreateMutexW
QueryPerformanceCounter
HeapSize
GetModuleHandleW
SetCurrentDirectoryW
lstrlenW
CopyFileA
SetStdHandle
RaiseException

winspool.drv

DeletePrinterConnectionA

Exports

Exports

_CgCzYuou_qrehf@12
_LjwvRZnm_av@12
_Vbryyfmk_xiWTh@8

Sections

.icode
Size: 512B - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.base
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6068b84d5b9513d61dea756c9288e6ec

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

user32

comctl32

msvcrt

gdi32

kernel32

winspool.drv

Exports

Exports

Sections

.icode Size: 512B - Virtual size: 6.5MB

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 2KB - Virtual size: 2KB

.vars Size: 1024B - Virtual size: 1024B

.base Size: 1024B - Virtual size: 772B

.data Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 6KB - Virtual size: 5KB

.icode
Size: 512B - Virtual size: 6.5MB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 2KB - Virtual size: 2KB

.vars
Size: 1024B - Virtual size: 1024B

.base
Size: 1024B - Virtual size: 772B

.data
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 6KB - Virtual size: 5KB