f42473920ecb447cd4c0454ffab19b5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f42473920ecb447cd4c0454ffab19b5e_JaffaCakes118
Size

428KB
MD5

f42473920ecb447cd4c0454ffab19b5e
SHA1

8afa4c495c4c02720225600b1e99e2a9eb16c8f3
SHA256

75b6ca695abe218034993a0ef6ca9c99fdbc794ab42a496561aae84d098e89de
SHA512

c2138ad16c67f47c38f4f859b34751d36a2f21f8dacd4d168ee0ab104319d6fb5aadd62721c3e68e8beb344adf010bf4b71adb1375801a66871d5fcaba414471
SSDEEP

6144:naOV76gJ56nopQ9LBBMaWtf+YU5LRCifD2mN/C2sXzomgEQasEN5/yZS+JbU9m7:aAWLopQ1D2xe9fD362uzomgba1z/y4m7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f42473920ecb447cd4c0454ffab19b5e_JaffaCakes118

Files

f42473920ecb447cd4c0454ffab19b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40212a6ca678b8c3018ef3cbe1fdfbb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
IsBadReadPtr
WaitForSingleObject
GetTickCount
InterlockedExchange
CreateThread
GetCurrentThread
SetThreadPriority
GetCurrentProcessId
FreeLibraryAndExitThread
GetProcAddress
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
Sleep
GetModuleFileNameA
LoadLibraryW
ExpandEnvironmentStringsW
InterlockedDecrement
CloseHandle
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
WriteConsoleW
GetConsoleScreenBufferInfo
GetFileType
GetStdHandle
SetConsoleTextAttribute
WriteFile
GetLocaleInfoW
GetModuleHandleW
GetModuleFileNameW
ReadConsoleW
ReadConsoleInputW
ReadFile
SetConsoleMode
FindClose
FindNextFileW
FindFirstFileW
WideCharToMultiByte
CreateFileW
DeleteFileW
CopyFileW
FileTimeToSystemTime
GetSystemDirectoryW
CreateMutexW
OpenFileMappingW
GlobalAlloc
ReleaseMutex
GlobalFree
lstrlenW
lstrcmpiW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapFree
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
MultiByteToWideChar
WaitForMultipleObjects
CreateEventA
SetEvent
FormatMessageW
UnmapViewOfFile
HeapDestroy
GetProcessHeap
MapViewOfFile
CreateFileMappingA
ResetEvent
IsBadCodePtr
IsBadWritePtr
GetCurrentThreadId
WriteProcessMemory
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FormatMessageA
LocalFree
VirtualProtect
SystemTimeToFileTime
GetCommandLineA

user32

GetWindowRect
SetFocus
wsprintfW
SetWindowTextW
ReleaseDC
GetDC
GetDlgItem
FillRect
CopyRect
SetDlgItemTextW
GetSysColor
InflateRect
GetSystemMetrics
SetWindowLongW
SetTimer
EndDialog
KillTimer
GetWindowLongW
EnableWindow
WinHelpW
LoadBitmapW
GetFocus
SendMessageW
DrawTextW
CharToOemW
LoadStringW

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
SetServiceStatus
DeregisterEventSource
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey

gdi32

SelectObject
DeleteObject
CreateSolidBrush
SetTextAlign
GetObjectW
CreateCompatibleDC
GetPixel
DeleteDC
CreatePen
LineTo
SetPixel
MoveToEx

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40212a6ca678b8c3018ef3cbe1fdfbb2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 284KB - Virtual size: 281KB

.data Size: 12KB - Virtual size: 288KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 284KB - Virtual size: 281KB

.data
Size: 12KB - Virtual size: 288KB

.rsrc
Size: 4KB - Virtual size: 1KB