f42c41f04bf7899ce440f2a8d0053a2b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f42c41f04bf7899ce440f2a8d0053a2b_JaffaCakes118
Size

448KB
MD5

f42c41f04bf7899ce440f2a8d0053a2b
SHA1

28c4ff30022b9020d019ac9f8301f27abbaf8a6e
SHA256

5cde16f8c8b48ed42e9f46d1dad78f13ee667cd3141e75fc71fad6af63775fec
SHA512

a3a17ff4dbe3f081a9e3ea53ccb76668c8c9845c3b7638a0a4cc9aa3d4c93282293dd0f2463923d1c0825e0cadc670ab0baa85d4472ab4fc8079c1d450ac6e1f
SSDEEP

6144:6DQAb0vlBoNwroZkXXaZa/fTJFIQJuPruUQDJt7HeOLGAO8zJ0RjYEhr:ZAb0vQwro0JKruUQDJF+OLGimjPN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f42c41f04bf7899ce440f2a8d0053a2b_JaffaCakes118

Files

f42c41f04bf7899ce440f2a8d0053a2b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

37ecb7ed42a2682cfbbba0bb9abc1a71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\LightInstaller\trunc\Release\LightInstaller.pdb

Imports

ws2_32

gethostbyname
WSAStartup
WSAGetLastError
closesocket
listen
bind
htons
socket
gethostname
connect
accept
send
recv

wininet

HttpQueryInfoA
FtpCommandA
FtpFindFirstFileA
InternetGetCookieA
InternetCreateUrlA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestExA
HttpEndRequestA
InternetGetLastResponseInfoA
FtpSetCurrentDirectoryA
InternetAutodial
InternetCloseHandle
InternetWriteFile
InternetSetOptionA
InternetQueryOptionA
InternetReadFile
HttpSendRequestA
InternetOpenA
InternetConnectA
HttpOpenRequestA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

DeleteFileA
RemoveDirectoryA
Sleep
MulDiv
WideCharToMultiByte
GetLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
GetFileSizeEx
CloseHandle
GetModuleFileNameA
LoadLibraryA
lstrcatA
CreateFileA
GetCurrentProcessId
TerminateProcess
FreeLibrary
lstrlenA
lstrcmpiA
MultiByteToWideChar
IsDBCSLeadByte
lstrlenW
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
LocalFree
CreateDirectoryA
CopyFileA
GetFileAttributesW
CreateDirectoryW
SetFilePointer
SetEndOfFile
FormatMessageA
CreateFileW
ReadFile
WriteFile
GetModuleFileNameW
GetFileSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcpyA
GetCurrentDirectoryA
CompareStringA
GetFileAttributesA
SetFileAttributesA
SetFileTime
MoveFileA
CreateThread
GetFileTime
GetExitCodeThread
TerminateThread
WaitForSingleObject
GetTickCount
CreateMutexA
ReleaseMutex
QueryPerformanceCounter
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
VirtualProtect
GetModuleHandleW
GetSystemInfo
VirtualQuery
ExitThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapSize
HeapCreate
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
InitializeCriticalSection
GetProcAddress
FlushInstructionCache
GetCurrentProcess
SetLastError
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TlsFree
LCMapStringW
GetStringTypeW
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetSystemTimeAsFileTime
GetLastError
GetTempPathA
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
LoadLibraryW
SetStdHandle
WriteConsoleW
FlushFileBuffers
EncodePointer
DecodePointer

user32

CharLowerA
SetTimer
UpdateWindow
CharNextA
DialogBoxParamA
wsprintfA
DispatchMessageA
PeekMessageA
TranslateMessage
KillTimer
GetActiveWindow
SetWindowTextA
GetDC
DestroyWindow
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
CallWindowProcA
GetWindow
GetKeyState
ReleaseCapture
GetCapture
SetCapture
SetFocus
GetWindowLongA
GetSysColorBrush
GetSysColor
SetCursor
PtInRect
GetCursorPos
DefWindowProcA
SetRectEmpty
EndDialog
SetDlgItemTextA
LoadIconA
SetWindowLongA
CreateWindowExA
LoadCursorA
GetClassInfoExA
DrawFocusRect
GetFocus
IsWindowEnabled
SetWindowPos
ReleaseDC
DrawTextA
GetWindowDC
EndPaint
FillRect
GetClientRect
BeginPaint
IsWindow
ShowWindow
EnableWindow
MoveWindow
PostMessageA
MessageBoxA
GetWindowTextA
SendMessageA
LoadBitmapA
GetParent
ScreenToClient
GetWindowRect
GetDlgItem
UnregisterClassA
RegisterClassExA

gdi32

CreateSolidBrush
DeleteObject
SelectObject
GetStockObject
CreateCompatibleDC
SetTextColor
GetDeviceCaps
BitBlt
DeleteDC
SetBkMode
CreateDCA
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateFontIndirectA
SetBkColor
GetObjectA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyW
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoGetClassObject
CoGetMalloc
OleRun
StringFromCLSID

oleaut32

VarUI4FromStr

comctl32

PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage

msimg32

TransparentBlt

Sections

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37ecb7ed42a2682cfbbba0bb9abc1a71

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

wininet

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

Sections

.text Size: 282KB - Virtual size: 281KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 10KB - Virtual size: 17KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 282KB - Virtual size: 281KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 10KB - Virtual size: 17KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 23KB - Virtual size: 22KB