42427b1414b2c1b7f8a760a5a9ab4469_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42427b1414b2c1b7f8a760a5a9ab4469_JaffaCakes118
Size

415KB
MD5

42427b1414b2c1b7f8a760a5a9ab4469
SHA1

a47c1129104fe933d9a3c66092b4d0515267f6e4
SHA256

014de44a290265be42fd7d26abaf807e2b002341af97336ae65e1d30b2ae307a
SHA512

233291e3691425bab18368f67e89feba0409c30dad15a326567cd0e48326ccce986bddc76facd4a1c49b02250ac68a3e5ed7c5bd51e6070e62887ba33409d232
SSDEEP

6144:7UFtvgkyr+nCJZNDXI6wb2XjJsAZ1PWkHB2xt9PL9TmJqg3EjF1G:oFRgkd+ZN06iAjJLPWiBanPN8qg3EB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42427b1414b2c1b7f8a760a5a9ab4469_JaffaCakes118

Files

42427b1414b2c1b7f8a760a5a9ab4469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54d9c79886c378d3731d2e5224b35fd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetCertByURL
InternetConfirmZoneCrossingW
InternetGetConnectedStateExW
FtpSetCurrentDirectoryA
InternetQueryOptionW
InternetCrackUrlW
InternetAlgIdToStringW
InternetGetCertByURLA
InternetGetLastResponseInfoW
InternetGetConnectedStateEx
CreateUrlCacheContainerW
SetUrlCacheConfigInfoW
GetUrlCacheEntryInfoExW
UrlZonesDetach
InternetCanonicalizeUrlA
CreateUrlCacheGroup

user32

RegisterClipboardFormatA
CopyImage
SetProcessDefaultLayout
ClientToScreen
GetMonitorInfoA
PostMessageA
SetPropW
ValidateRect

shell32

DuplicateIcon
ExtractIconExA
DragQueryFileA
SHUpdateRecycleBinIcon
SHGetFileInfo
SHQueryRecycleBinW
SHGetDesktopFolder
RealShellExecuteExA
ShellExecuteEx
SHQueryRecycleBinA
SHEmptyRecycleBinA
SHGetInstanceExplorer
ExtractAssociatedIconExA
SHGetSpecialFolderPathA
SHFileOperation
SHGetMalloc
SHBrowseForFolderA
SHGetDataFromIDListW
SHInvokePrinterCommandA
DoEnvironmentSubstA
ShellHookProc
SHBrowseForFolder

gdi32

GetBkColor
PolyTextOutA
StrokePath
CreatePolygonRgn
PolyTextOutW
DeviceCapabilitiesExA
GetTextAlign
Escape
GetArcDirection
SetTextAlign
SetMetaRgn
SetROP2
SetICMMode
Ellipse
ExtTextOutA
GetCharABCWidthsFloatA
ColorCorrectPalette
SetEnhMetaFileBits

kernel32

InterlockedExchange
GetEnvironmentStringsW
GetSystemTime
HeapDestroy
FreeEnvironmentStringsA
LCMapStringW
HeapFree
GetProcAddress
ExitProcess
RtlUnwind
GetStringTypeW
EnterCriticalSection
GetModuleFileNameA
LocalFileTimeToFileTime
IsValidCodePage
SetConsoleCursorInfo
SetEnvironmentVariableA
HeapReAlloc
GetProcessHeap
InterlockedDecrement
GetFileType
TlsAlloc
WriteConsoleInputW
VirtualFree
TlsSetValue
InterlockedIncrement
HeapAlloc
EnumCalendarInfoExA
lstrcmpA
Sleep
GetLocaleInfoA
WriteConsoleOutputCharacterA
IsDebuggerPresent
IsValidLocale
CompareStringW
GetLogicalDriveStringsA
VirtualAlloc
TlsFree
GetCommandLineA
GlobalGetAtomNameW
GetVersionExA
GetStartupInfoA
LeaveCriticalSection
GetStringTypeA
SetConsoleCtrlHandler
GetOEMCP
GetCurrentThreadId
GlobalAddAtomW
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetLastError
HeapSize
SetUnhandledExceptionFilter
GetDateFormatW
InitializeCriticalSection
FreeLibrary
EnumSystemLocalesA
SetLastError
GetCPInfo
HeapCreate
DeleteAtom
DeleteCriticalSection
VirtualQuery
QueryPerformanceCounter
GetModuleHandleA
GetStdHandle
GetCurrentProcess
GetLocaleInfoW
LoadLibraryA
GetTimeFormatA
WideCharToMultiByte
TerminateProcess
GetDateFormatA
GetTimeZoneInformation
SetConsoleTitleW
TlsGetValue
GetCurrentProcessId
MultiByteToWideChar
GetCurrentThread
FreeEnvironmentStringsW
SetHandleCount
LCMapStringA
CompareStringA
GetTickCount
GetACP
WriteFile
GetUserDefaultLCID
UnhandledExceptionFilter

advapi32

RegReplaceKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyA
CryptHashData
CryptDecrypt
CryptGetDefaultProviderA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54d9c79886c378d3731d2e5224b35fd9

Headers

File Characteristics

Imports

wininet

user32

shell32

gdi32

kernel32

advapi32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 272KB - Virtual size: 296KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 272KB - Virtual size: 296KB

.rsrc
Size: 5KB - Virtual size: 5KB