41cc407bcb275ec2227647ca75467215_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41cc407bcb275ec2227647ca75467215_JaffaCakes118
Size

199KB
MD5

41cc407bcb275ec2227647ca75467215
SHA1

e2af90587bf2f6ce60238f2ddd2e97f054de8a6f
SHA256

e3e43606fc587f1d05214318f0f4070ea2d4e22b8974438b7362c8748b0ce933
SHA512

7a60a08292e83a9ce39044abe28dd578244bc561cfeaf44aea75dd6df0e7a36d203ebedbc4bb8002840e9c773513a935d3844f8e2dabb6b78d7aeef3dc4669ec
SSDEEP

3072:sMSQ1IvZaormYzG77i9ORJq20xdQImmsSIbmZKf1CWwzhn3CA5TOlxQ6m2k0Kh:ssIvZaUmY6PiQR2xiIxabmZKMPnpOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41cc407bcb275ec2227647ca75467215_JaffaCakes118

Files

41cc407bcb275ec2227647ca75467215_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15cfb2a1a83d68b79bc4c44cbdf0cc10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsBadReadPtr
ExitThread
GetLastError
LoadLibraryExA
GetCommandLineW
IsBadHugeReadPtr
ExitProcess
GlobalAlloc
GetProcAddress
VirtualAlloc
GetVersionExA
GetFileAttributesA

advapi32

RegLoadKeyA
RegOpenKeyExA

msvcrt

exp
srand
_acmdln
atol
sqrt
sprintf
log10
memcpy
fabs
wcscspn
log

ole32

PropVariantClear
CreateBindCtx
CoRevokeClassObject
ReleaseStgMedium
OleRegGetUserType
CreateStreamOnHGlobal
CoRegisterClassObject
OleCreateStaticFromData
CoUninitialize
CoGetContextToken
OleCreateStaticFromData
CoUnmarshalInterface
CoTaskMemFree
StringFromIID
CLSIDFromString
CoTaskMemFree
OleRegGetUserType
CoRevokeClassObject
OleRun
CoDisconnectObject
MkParseDisplayName
ReleaseStgMedium

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA

comctl32

ImageList_DrawEx
ImageList_Draw
ImageList_Destroy
ImageList_Create

comdlg32

GetFileTitleA
FindTextA
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameA
FindTextA
ChooseColorA
GetSaveFileNameA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
FindTextA

gdi32

GetBitmapBits
CreateFontIndirectA
GetDIBColorTable
CreatePalette
GetPaletteEntries
SetTextColor

oleaut32

SafeArrayGetElement
RegisterTypeLib
SafeArrayGetUBound

shell32

SHGetFolderPathA

user32

ActivateKeyboardLayout
UnhookWindowsHookEx
GetActiveWindow

shlwapi

SHQueryInfoKeyA
PathGetCharTypeA
PathIsContentTypeA
SHSetValueA
PathIsDirectoryA
SHQueryValueExA
PathFileExistsA

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DATA0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DATA7
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA3
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DATA2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15cfb2a1a83d68b79bc4c44cbdf0cc10

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

ole32

version

comctl32

comdlg32

gdi32

oleaut32

shell32

user32

shlwapi

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 1024B - Virtual size: 52KB

.DATA0 Size: 2KB - Virtual size: 1KB

.DATA7 Size: 123KB - Virtual size: 122KB

.DATA3 Size: 15KB - Virtual size: 14KB

.DATA2 Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 1024B - Virtual size: 52KB

.DATA0
Size: 2KB - Virtual size: 1KB

.DATA7
Size: 123KB - Virtual size: 122KB

.DATA3
Size: 15KB - Virtual size: 14KB

.DATA2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB