41eef63788081c68ed31c187c465d3e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41eef63788081c68ed31c187c465d3e3_JaffaCakes118
Size

153KB
MD5

41eef63788081c68ed31c187c465d3e3
SHA1

eed8a41788d05c9493fb79c709f8192cad7fc9b6
SHA256

11c4df4e7ef95795e04d88f7280db1d0597f2e1bfaeb273915d58ed5aa5e0512
SHA512

ea6245562c7d72879afec215023ce31bf544376bb0c0db635c899559075625ce609f284e57db8a3eb02e3cd921cf0729ce87222b2db99813a1dad7c1476240f4
SSDEEP

3072:KpczWPd4UERLFAQzueTqueF2esLuhhzHuj:Kp6WPd4UKFBy0qH2ezvzHuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41eef63788081c68ed31c187c465d3e3_JaffaCakes118

Files

41eef63788081c68ed31c187c465d3e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe887d65e618626077d298b5c3a975c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetFileSize
ExitThread
GetCurrentThreadId
CreateThread
GetLastError
GetUserDefaultLangID
FindAtomA
CopyFileW
GetOEMCP
GetConsoleMode
DeleteFileW
GetCurrentThread
DeleteAtom
CreateProcessA
GetComputerNameA
OpenFile
GetLastError
GetConsoleMode
ExitThread
GetCommandLineA
GetFileSize
GetStdHandle
GetFileTime
CreateThread
GetOEMCP
FindFirstFileA
CreateDirectoryA
DeleteFileA
GetCPInfo
GlobalFree
CreateProcessA
GetConsoleMode
GetCurrentProcessId
GetComputerNameA
GetUserDefaultLangID
Sleep
CreateDirectoryA
ExitThread
GetCurrentThreadId
CopyFileW
GetCurrentProcess
GetStdHandle
GetCurrentThread
GetOEMCP
DeleteAtom
GetCommandLineA
GetCPInfo
GetLastError
GetFileSize
CopyFileW
ExitThread
CreateDirectoryA
GetStdHandle
DeleteFileA
GetCurrentThread
GetConsoleOutputCP
GetFileTime
GlobalFree
GetLastError
GetCurrentProcess
GetCurrentProcessId
DeleteFileW
OpenFile
Sleep
GetOEMCP
GetComputerNameA
FindAtomA
GetCommandLineA
Sleep
CopyFileW
CreateProcessA
CreateThread
GetCurrentProcessId
GetCurrentProcess
OpenFile
DeleteFileW
GetCurrentThread
GetConsoleOutputCP
CreateDirectoryA
GetLastError
GetOEMCP
GlobalFree
DeleteAtom
FindAtomA
GetFileTime
Sleep
CopyFileW
GetCPInfo
FindFirstFileA
GetCurrentThreadId
GetCurrentProcess
GetFileSize
DeleteFileA
GetComputerNameA
OpenFile
GetStdHandle
GetCommandLineA
CreateProcessA
DeleteFileW
GetConsoleOutputCP
GetCurrentThread

advapi32

RegEnumValueA
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueA
RegDeleteKeyW
RegEnumKeyExA
RegEnumValueW
RegOpenKeyW
RegOpenKeyExA
RegFlushKey
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyA
RegLoadKeyA
RegDeleteKeyA
RegReplaceKeyW
RegFlushKey
RegDeleteKeyA
RegEnumKeyExW
RegDeleteKeyW
RegGetKeySecurity
RegLoadKeyA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegDeleteValueW
RegQueryValueA
RegCreateKeyW
RegOpenKeyW

user32

InsertMenuA
AlignRects
CopyRect
CopyIcon
CalcMenuBar
GetMenu
GetDC
CreateIcon
GetWindowTextA
GetDlgItem
DrawIconEx
GetFocus
AppendMenuA
GetDlgItem
DrawTextW
DrawIcon
AlignRects
DialogBoxParamW
CopyRect
GetDC
GetMenu
IsWindow
LoadMenuA
CopyImage
CreateIcon
CalcMenuBar
DrawIconEx
GetFocus
CopyIcon
DrawTextA
AppendMenuA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 107KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe887d65e618626077d298b5c3a975c6

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 9KB - Virtual size: 8KB

.bss Size: 107KB - Virtual size: 455KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 9KB - Virtual size: 8KB

.bss
Size: 107KB - Virtual size: 455KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB