41bd92a6470fff3414d5972c49662a66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41bd92a6470fff3414d5972c49662a66_JaffaCakes118
Size

1.4MB
MD5

41bd92a6470fff3414d5972c49662a66
SHA1

bd7e784aa7bb6761cc0d141e37172c48f5662a44
SHA256

dde26d8360e0fd4c31e9acb64f6ba30c6d0a4912dc9f09c9483e06e3bd1de0a3
SHA512

f1127a4a373e574a9577df9b24695b54e66bb860745f6b823a88a596ab5b326ff5fa7bc2e560f7c5997610ffe26da51f8bc161802ef1456dc15800377c61feca
SSDEEP

24576:YycskxBsGTNoilAn8mB9tSnOzaO8lq6p8twhehyKdxFQ1Ys:YycsiBsGdyB9tgSslqbtwh3KPFQ1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41bd92a6470fff3414d5972c49662a66_JaffaCakes118

Files

41bd92a6470fff3414d5972c49662a66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01197a0fb5fce7770dc157069fc004f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

version

VerInstallFileA

user32

IsWindowEnabled
CharLowerBuffA
SetWindowLongA
RegisterClassA
DrawEdge
CreateMenu
GetCursorPos
IsChild
GetDCEx
GetScrollRange
GetDlgItem
GetDC
CheckMenuItem
CharNextA
GetCursor
CreatePopupMenu
GetScrollPos
ClientToScreen
FindWindowA
EnableMenuItem
ShowWindow
EndPaint
BeginDeferWindowPos
DispatchMessageW
DefWindowProcA
GetMessagePos
CharToOemA
SetCursor
GetClientRect
TrackPopupMenu
SetWindowPos
GetClipboardData
GetKeyState
SetWindowTextA
DrawTextA
CreateWindowExA
GetIconInfo
GetMenuState
EqualRect
EnumWindows
IsDialogMessageA
GetWindow
ShowScrollBar
FrameRect
EnableScrollBar
EnumThreadWindows
CreateIcon
GetMenuItemInfoA
IsMenu

shell32

DragQueryFileA
SHGetFileInfoA
SHGetFolderPathA
SHGetDesktopFolder

shlwapi

SHDeleteKeyA

kernel32

ReadFile
MoveFileExA
GetModuleHandleA
WaitForSingleObject
GetDiskFreeSpaceA
lstrcmpiA
GetVersion
HeapDestroy
GetTickCount
ExitThread
lstrcpyA
GetOEMCP
InitializeCriticalSection
GetDateFormatA
VirtualFree
GlobalDeleteAtom
GetModuleFileNameA
SetEvent
DeleteCriticalSection
GetProcessHeap
VirtualAllocEx
GetFileType
SetEndOfFile
GetFullPathNameA
lstrcatA
ExitProcess
CreateThread
GetCurrentThread
GetLocaleInfoA
LoadLibraryA
MoveFileA
GetACP
FormatMessageA
GetProcAddress
HeapAlloc
FindResourceA
GetStringTypeA
GetVersionExA
CompareStringA
CreateEventA
lstrlenA
RtlMoveMemory
LocalReAlloc
GetCurrentProcess
CreateFileA
WideCharToMultiByte
MulDiv
GetCPInfo
ResetEvent
GetStartupInfoA
LockResource
GetLastError
EnterCriticalSection
SetErrorMode
Sleep
GetUserDefaultLCID
GetStdHandle
GetFileSize
LoadResource
LocalAlloc
LoadLibraryExA
GlobalAlloc
LocalFree

comdlg32

ChooseColorA

Sections

CODE
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 570KB - Virtual size: 569KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01197a0fb5fce7770dc157069fc004f4

Headers

File Characteristics

Imports

version

user32

shell32

shlwapi

kernel32

comdlg32

Sections

CODE Size: 55KB - Virtual size: 55KB

.rdata Size: 122KB - Virtual size: 122KB

.idata Size: 568KB - Virtual size: 568KB

.bss Size: 570KB - Virtual size: 569KB

.text Size: 512B - Virtual size: 376B

DATA Size: 512B - Virtual size: 1.9MB

.tls Size: 512B - Virtual size: 24B

.init Size: 3KB - Virtual size: 2KB

.rsrc Size: 82KB - Virtual size: 82KB

CODE
Size: 55KB - Virtual size: 55KB

.rdata
Size: 122KB - Virtual size: 122KB

.idata
Size: 568KB - Virtual size: 568KB

.bss
Size: 570KB - Virtual size: 569KB

.text
Size: 512B - Virtual size: 376B

DATA
Size: 512B - Virtual size: 1.9MB

.tls
Size: 512B - Virtual size: 24B

.init
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 82KB - Virtual size: 82KB