42460820188e370d164bbc19de754115_JaffaCakes118

General

Target

42460820188e370d164bbc19de754115_JaffaCakes118
Size

957KB
MD5

42460820188e370d164bbc19de754115
SHA1

6ace426e680e30f7305591138f8e6c308e24efee
SHA256

80bd11c2ce216fd36913135ce39ef15c0f7b8b2ba5d4df148eddc3e6cdb2c9cf
SHA512

336c00dfbc2111ab568a380f2bef9a0983228f4809c9f7a2274e77bbe3488e34ef4452d109a35a54f26c21e8f97c59a4c0b480d8a48e4be647ad544e3505d036
SSDEEP

24576:KWVYsLkZXtuQzGogK9e5M0Ou1wxb4drFHwePa/yGdJEwEvo:KYGtT9Tk5M0OvxMr18yGdqwn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42460820188e370d164bbc19de754115_JaffaCakes118

Files

42460820188e370d164bbc19de754115_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8baa40674a44749de9a41dbbd15a83fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopy
SysAllocStringLen
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayGetLBound
SysStringLen

advapi32

GetUserNameW
MakeAbsoluteSD
RegCreateKeyExW
RegEnumKeyW
GetExplicitEntriesFromAclW
ObjectDeleteAuditAlarmW
RegSetValueExW
CryptDecrypt
LookupAccountSidW
RegNotifyChangeKeyValue
QueryServiceLockStatusW

kernel32

CreatePipe
GetProfileIntA
LoadLibraryExW
VirtualUnlock
lstrcmpA
IsProcessorFeaturePresent
CompareStringW
ExitProcess
EnumTimeFormatsW
SetConsoleWindowInfo
GetDateFormatA
FindFirstFileA
SetErrorMode
GetComputerNameW

ole32

OleCreateMenuDescriptor
ReadClassStm
CreateOleAdviseHolder
CreateBindCtx

user32

SetSysColors
CharPrevW
FillRect
CharToOemW

msvcrt

_chdir
_strcmpi
tmpnam
_fileno
_mbctolower
_locking
ctime
atof
iswalpha
_putws
_mbctoupper
_getpid
wcstombs
getenv
wcstol
_strtime
_snprintf
_tell
localeconv

Sections

.text
Size: 38KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8baa40674a44749de9a41dbbd15a83fc

Headers

File Characteristics

Imports

oleaut32

advapi32

kernel32

ole32

user32

msvcrt

Sections

.text Size: 38KB - Virtual size: 255KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 601KB - Virtual size: 600KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 38KB - Virtual size: 255KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 601KB - Virtual size: 600KB

.rsrc
Size: 17KB - Virtual size: 16KB