41dbcaff3b6a6ee8743d0e1265f4bb62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41dbcaff3b6a6ee8743d0e1265f4bb62_JaffaCakes118
Size

218KB
MD5

41dbcaff3b6a6ee8743d0e1265f4bb62
SHA1

0c1f69438ab158ce51145146f3fe577545a53547
SHA256

c92bc2e9028726e9839fbd38e6785f26d06920cd02ddf77b124e65c89c58d309
SHA512

e44dcd2d7637dc22660eae8dc11deefa424894ff6836b49bb07fdd5bad907b63c71612ec5cfa6f65d9f3cb93c4814a2f9e2293525dc31f79a73620a4f2eefd01
SSDEEP

6144:phHqmdLtSU+pSTdEoGOZ8H8o2810gVH9EpptQ:phKmdupSRnG+8H8o2810uH9ctQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41dbcaff3b6a6ee8743d0e1265f4bb62_JaffaCakes118

Files

41dbcaff3b6a6ee8743d0e1265f4bb62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ce867f7ad506ea9ddd4ad373facb3a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceA
CryptCreateHash
RevertToSelf
LookupPrivilegeValueA
CreateServiceA
RegEnumKeyA
RegQueryValueA
CryptReleaseContext
LookupPrivilegeDisplayNameW
StartServiceW
AbortSystemShutdownW
CryptSetProviderExW
RegQueryInfoKeyW
RegQueryValueExA
CreateServiceW
CryptSetProviderW
CryptExportKey
RegQueryInfoKeyA
LookupPrivilegeValueW
CryptEnumProviderTypesA
RegQueryMultipleValuesA
RegQueryValueW
CryptSetKeyParam

gdi32

GetGlyphOutline
TextOutW
CreateFontIndirectA
GetDeviceCaps

wininet

ShowX509EncodedCertificate
InternetUnlockRequestFile

user32

IsCharAlphaNumericW
DeferWindowPos
IsCharUpperA
OemToCharW
HideCaret
GetClipboardFormatNameW
RealGetWindowClass
GetMessagePos
DlgDirListW
GetPropA
MenuItemFromPoint
CharToOemBuffA

kernel32

GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoA
VirtualQuery
GetStringTypeW
GlobalAlloc
TlsGetValue
GetEnvironmentStrings
InitializeCriticalSection
GetModuleHandleA
GetSystemTimeAsFileTime
ExitProcess
GetFileType
UnhandledExceptionFilter
GetDateFormatA
HeapSize
WideCharToMultiByte
CompareStringW
GetUserDefaultLCID
SetLastError
GetACP
HeapFree
GetTickCount
InterlockedExchange
HeapDestroy
GetDriveTypeW
CreateDirectoryExA
RtlUnwind
IsValidCodePage
GetStartupInfoW
SetEnvironmentVariableA
CompareStringA
GetStdHandle
GetStringTypeA
VirtualProtect
GetCPInfo
GetLocaleInfoA
GetTimeZoneInformation
HeapReAlloc
GetLocaleInfoW
WriteFile
GetModuleFileNameW
EnumSystemLocalesA
VirtualAlloc
LoadLibraryA
MultiByteToWideChar
LeaveCriticalSection
GetCommandLineA
HeapCreate
GetEnvironmentStringsW
TlsFree
SetConsoleTextAttribute
GetCurrentProcessId
GetSystemInfo
GetTimeFormatA
HeapAlloc
EnterCriticalSection
EnumResourceLanguagesA
GetVersionExA
LCMapStringW
GetCurrentDirectoryW
TlsAlloc
SetHandleCount
FreeEnvironmentStringsW
GetCurrentProcess
IsValidLocale
GetCommandLineW
GetLastError
FreeEnvironmentStringsA
ReadConsoleOutputW
GetCurrentThread
LCMapStringA
IsBadWritePtr
DeleteCriticalSection
GetOEMCP
GetProcAddress
VirtualFree
GetModuleFileNameA
TlsSetValue
TerminateProcess

comdlg32

ReplaceTextW
GetFileTitleW
FindTextW
PageSetupDlgW
FindTextA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ce867f7ad506ea9ddd4ad373facb3a0

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

user32

kernel32

comdlg32

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 108KB - Virtual size: 120KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 108KB - Virtual size: 120KB

.rsrc
Size: 6KB - Virtual size: 6KB