f42b9101cc859a939fdf7e2f90739e22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f42b9101cc859a939fdf7e2f90739e22_JaffaCakes118
Size

475KB
MD5

f42b9101cc859a939fdf7e2f90739e22
SHA1

59a8d351bc4f0a84b7cbf1733f0be49620adbb48
SHA256

0d51723c53f02151e169dba15a36c537cf415fe3138b05205f5eadaf6cd0af08
SHA512

c72f8bd4c099f4769fd677a6a2d4e308fe0ed57d8c1f692649b8f3599cd97e37bb1f3cca4fe627dabf9e9ad3f6baee3abca47da5e1ed74affc072d5b60e59135
SSDEEP

12288:heM7ZCog99KnrcRphzhw/UGa3Cxvk6+3zK1bW3hzoAfqpwm8iY:hRbGkM3zsbpC0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f42b9101cc859a939fdf7e2f90739e22_JaffaCakes118

Files

f42b9101cc859a939fdf7e2f90739e22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82fe6572554aa239d29a943fe8cabb91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
HeapDestroy
InitializeCriticalSection
SetConsoleCtrlHandler
GetProcAddress
InterlockedDecrement
HeapReAlloc
SetFilePointer
DeleteCriticalSection
GetStdHandle
GetCurrentProcessId
SetLastError
GetVolumeInformationA
GetDateFormatA
SetStdHandle
UnhandledExceptionFilter
InterlockedIncrement
CreateThread
TlsAlloc
VirtualFree
GetFileType
TlsGetValue
EnumSystemLocalesA
GetTimeZoneInformation
IsBadWritePtr
GetSystemDirectoryW
GetOEMCP
SetUnhandledExceptionFilter
lstrlenA
ExitProcess
GetTickCount
FlushConsoleInputBuffer
SetHandleCount
HeapFree
GetACP
GetModuleFileNameA
GetSystemInfo
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsW
VirtualAlloc
SetConsoleScreenBufferSize
EnterCriticalSection
TlsSetValue
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
WriteFile
GetCPInfo
GetEnvironmentStrings
GetLocaleInfoA
LeaveCriticalSection
TlsFree
HeapValidate
FlushFileBuffers
GetSystemTimeAsFileTime
GetCommandLineA
CompareStringA
ReleaseSemaphore
GetCurrentThread
GetEnvironmentStringsW
CloseHandle
OutputDebugStringA
IsValidCodePage
WideCharToMultiByte
GetSystemTimeAdjustment
GetLastError
MultiByteToWideChar
WaitNamedPipeW
HeapCreate
SetEnvironmentVariableA
GetLocaleInfoW
EnumSystemCodePagesW
InterlockedExchange
GetStringTypeA
VirtualProtect
FreeEnvironmentStringsA
IsValidLocale
DebugBreak
CompareStringW
IsBadReadPtr
GetVersionExA
HeapAlloc
LCMapStringW
GetTempPathW
GetPrivateProfileSectionW
GetUserDefaultLCID
VirtualQuery
GetModuleHandleA
LCMapStringA
GetStartupInfoA
GetTimeFormatA
RtlUnwind

shell32

ShellExecuteEx
SHFormatDrive
DragQueryFileW
SHQueryRecycleBinA
DragQueryFileAorW
CheckEscapesW
ExtractIconEx
FindExecutableA
ExtractAssociatedIconExW
FreeIconList
SheChangeDirA
SHFreeNameMappings
DoEnvironmentSubstW
SHGetFileInfo
SHGetDiskFreeSpaceA
SHGetNewLinkInfo
SHFileOperationA
SHAddToRecentDocs
SHLoadInProc
SHGetSpecialFolderPathW
DragQueryFile

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82fe6572554aa239d29a943fe8cabb91

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 186KB - Virtual size: 185KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 186KB - Virtual size: 185KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 7KB - Virtual size: 6KB