0042fa646d67f6ca4b12e10d1b1f9f30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0042fa646d67f6ca4b12e10d1b1f9f30_JaffaCakes118
Size

477KB
MD5

0042fa646d67f6ca4b12e10d1b1f9f30
SHA1

786d995fed128fdfefe3a0373fe9cadd03e69ceb
SHA256

d0f3585acb275ac910f1b72ebdbfdaf49ecdd96f71fd0113c2087cc32bd99d0b
SHA512

a7498bb7732b670e4c016a34d4ec497c7276f0816c1ac945043c0d1a06c524f590a6cc51c8f49c31c07975d825ca54c953563a0a985b281d8c345ac3ca3c6e5c
SSDEEP

12288:RQWfPlkDys93lHktX7O/K4aC0IQMY1eOLxrQ9:RiBlC7KK7Nc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0042fa646d67f6ca4b12e10d1b1f9f30_JaffaCakes118

Files

0042fa646d67f6ca4b12e10d1b1f9f30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

711837ab21d19e2c50ca81b97bbd7c08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetDefaultProviderW
InitializeSecurityDescriptor
RegQueryValueW
RegOpenKeyExW
RegSetValueW
LookupPrivilegeDisplayNameA
CryptImportKey
LookupAccountNameW
CryptReleaseContext
RegCreateKeyW
CryptEnumProvidersW
RegEnumValueA
CryptHashData

kernel32

SetCurrentDirectoryA
ExitProcess
TlsSetValue
LocalLock
SetLastError
FreeEnvironmentStringsW
lstrlenA
GetStartupInfoA
WriteFile
GetCPInfo
HeapAlloc
TlsAlloc
GetConsoleOutputCP
ReadFile
IsBadReadPtr
EnumDateFormatsExA
SetUnhandledExceptionFilter
GetProcAddress
GetStringTypeA
SetConsoleCtrlHandler
LocalAlloc
UnhandledExceptionFilter
GetModuleHandleA
GetSystemTimeAsFileTime
GetProcessHeap
CreateFileA
WriteConsoleW
FreeLibrary
GetModuleFileNameW
TlsFree
LoadLibraryA
InterlockedExchange
VirtualFree
WideCharToMultiByte
CompareStringW
IsDebuggerPresent
LoadLibraryW
CreateMutexA
TerminateProcess
LCMapStringA
EnumSystemLocalesA
FreeEnvironmentStringsA
GetStdHandle
InterlockedDecrement
LeaveCriticalSection
QueryPerformanceCounter
HeapFree
GetCurrentThread
TlsGetValue
EnterCriticalSection
InterlockedIncrement
CreateThread
GetUserDefaultLCID
GetCurrentProcess
VirtualAlloc
SetHandleCount
WriteConsoleA
HeapDestroy
MultiByteToWideChar
SetFilePointer
SetConsoleOutputCP
GetConsoleCP
GetStringTypeW
GetCurrentThreadId
InitializeCriticalSection
CloseHandle
GetModuleFileNameA
GetACP
GetVersionExA
GetFileType
GetEnvironmentStringsW
IsValidCodePage
VirtualQuery
GetCommandLineA
GetDateFormatA
LCMapStringW
RaiseException
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
SetEnvironmentVariableA
HeapCreate
HeapValidate
GetCommandLineW
RtlUnwind
GetTimeFormatA
FlushFileBuffers
GetStartupInfoW
OutputDebugStringW
GetLocaleInfoW
GetTimeZoneInformation
EnumResourceLanguagesA
CompareStringA
GetOEMCP
GetCurrentProcessId
SetStdHandle
GetLastError
OutputDebugStringA
GetConsoleMode
IsValidLocale
GetLocaleInfoA
GetEnvironmentStrings
OpenMutexA
FoldStringW
GlobalSize
DebugBreak
HeapReAlloc
DeleteCriticalSection
GetTickCount

user32

RegisterDeviceNotificationW
GetCursorInfo
IsDialogMessageA
GetUpdateRgn
GetWindow
GetWindowModuleFileNameA
BroadcastSystemMessageW
ClipCursor
SetCaretPos
CharPrevExA
RedrawWindow
GetListBoxInfo
RegisterClassExA
NotifyWinEvent
LoadCursorFromFileA
CharUpperA
DdeKeepStringHandle
RegisterClassA
GetMessageExtraInfo
DialogBoxParamA
MonitorFromWindow
CharNextW
LoadMenuIndirectW
SetDlgItemInt
TabbedTextOutW

wininet

GopherGetLocatorTypeW
InternetCanonicalizeUrlW
InternetGetConnectedStateExA
UpdateUrlCacheContentPath
DeleteUrlCacheEntry
InternetShowSecurityInfoByURLW
HttpQueryInfoW

gdi32

TranslateCharsetInfo
GetDIBits
SetArcDirection
PlayEnhMetaFile
CreateBitmap
CreateColorSpaceA
GetCharWidthFloatA
ScaleWindowExtEx
AbortDoc
GetTextCharset
Polygon
ExtCreateRegion
SetTextColor
ExtEscape
CloseEnhMetaFile
RestoreDC
GetTextExtentExPointA
DeviceCapabilitiesExW
WidenPath
PtVisible
GetEnhMetaFilePaletteEntries
GetROP2

comctl32

InitCommonControlsEx

shell32

SHUpdateRecycleBinIcon

Sections

.text
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

711837ab21d19e2c50ca81b97bbd7c08

Headers

File Characteristics

Imports

advapi32

kernel32

user32

wininet

gdi32

comctl32

shell32

Sections

.text Size: 275KB - Virtual size: 274KB

.rdata Size: 48KB - Virtual size: 55KB

.data Size: 148KB - Virtual size: 147KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 275KB - Virtual size: 274KB

.rdata
Size: 48KB - Virtual size: 55KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 5KB - Virtual size: 5KB