42496dcff32d748ea4b71d24c4f61726_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42496dcff32d748ea4b71d24c4f61726_JaffaCakes118
Size

416KB
MD5

42496dcff32d748ea4b71d24c4f61726
SHA1

ba87a5fc9d016b1a7fc0ff4ced21962e5bb9b2f2
SHA256

d13b06cd28cf83add4150314bd1d7fc95869289ed083dd3a543b489e527ea96c
SHA512

f2ebe914d51b3b79c65a9d74370a3be122b91810b89f0e3d85e06a56c52786b8cc6030e145b3f58dae9c1ee7324a4a45a11ffb45364ce5b31ac6311e59c013af
SSDEEP

12288:pfrBedEGYqbMgV+vDQ6kobk7WHfbQUTh+e:pzAd7YkBVB6k17WHfbDT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42496dcff32d748ea4b71d24c4f61726_JaffaCakes118

Files

42496dcff32d748ea4b71d24c4f61726_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b2c3f23438156dc8147c13c662eac17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSidSubAuthority
GetAccessPermissionsForObjectA
RegQueryInfoKeyA
IsValidAcl
GetAuditedPermissionsFromAclW
GetMultipleTrusteeOperationW
NotifyBootConfigStatus
SetNamedSecurityInfoExW
MakeSelfRelativeSD
QueryServiceConfigA
SetFileSecurityA
QueryServiceConfigW
ConvertSecurityDescriptorToAccessA
RegOpenKeyA
SetKernelObjectSecurity
InitializeSecurityDescriptor
GetNamedSecurityInfoExW
ConvertSecurityDescriptorToAccessW
RegQueryValueW
SetNamedSecurityInfoW
RegEnumKeyExA
SetEntriesInAuditListW
SetSecurityInfo
GetSidSubAuthorityCount
GetKernelObjectSecurity
SetSecurityDescriptorOwner
QueryServiceLockStatusW
InitializeSid
ConvertAccessToSecurityDescriptorW
RegEnumValueW
RegDeleteKeyW
RegEnumValueA
ImpersonateLoggedOnUser
ObjectOpenAuditAlarmW
GetUserNameW
ObjectCloseAuditAlarmW
RegOpenKeyExW
TrusteeAccessToObjectA
SetNamedSecurityInfoA
RegRestoreKeyA
ReadEventLogW
ImpersonateSelf
RegDeleteValueW
GetSecurityDescriptorOwner
SetFileSecurityW
RegOpenKeyExA
IsTextUnicode
ReadEventLogA
GetAuditedPermissionsFromAclA

gdi32

SetRectRgn
GetMetaFileA
GetRgnBox
SetBkMode
SetBkColor
GetDIBits
SelectObject
SetTextCharacterExtra
GetWindowExtEx
OffsetViewportOrgEx
PathToRegion
PlgBlt
SetMapperFlags
GetTextExtentPointW
ScaleViewportExtEx
SetWinMetaFileBits
UnrealizeObject
SetMiterLimit
CreateDIBPatternBrush
SwapBuffers
ResetDCW
SetMagicColors
Rectangle
ScaleWindowExtEx
PlayEnhMetaFileRecord
GetPixel
UpdateICMRegKeyA
StartDocA
AnimatePalette
GdiGetBatchLimit
SetViewportExtEx
SetArcDirection
SetPolyFillMode
SetColorSpace
SetROP2
SetWorldTransform
GetWinMetaFileBits
SetLayout
StretchBlt
GetCharWidth32W
SetEnhMetaFileBits
CopyMetaFileA
GetStockObject
SetTextAlign
UpdateICMRegKeyW
EnumFontFamiliesW
SetDIBColorTable
StartPage
CancelDC
WidenPath
GetTextExtentExPointW
PolyBezierTo
SetPixelV
GetROP2
Polyline

msvcrt

bsearch
asin
strcat
wcstoul
vsprintf
wcschr
ldexp
wcspbrk
strncmp
div
ungetc
strncpy
strpbrk
_y1
wcscmp
getwc
wprintf
sin
vswprintf
toupper
strtok
fseek
iswdigit
iswupper
wcscat
sprintf
swprintf
raise
scanf
memcpy
cosh
strerror
_osver
_mbsupr
mbtowc
localtime
wcstod
wcsrchr
tmpfile
wcstol
towlower
tan
mbstowcs
wcsspn
vwprintf
putwc
iswprint
vfwprintf
cos
longjmp

user32

SetPropW
LoadImageA
InvalidateRect
SendMessageCallbackA
IsCharUpperW
ShowCaret
SetMessageQueue
GetListBoxInfo
OemToCharA
IsDialogMessage
OpenInputDesktop
wsprintfW
ValidateRect
RegisterClipboardFormatW
SetCapture
IsWindow
LoadStringW
ShowWindowAsync
DrawTextExW
TranslateMessage
wsprintfA
SetScrollInfo
IsChild
IsMenu
SetDoubleClickTime
SendMessageW
wvsprintfW
SubtractRect
UnregisterClassA
UserClientDllInitialize
WINNLSEnableIME
SetCursorPos
MsgWaitForMultipleObjects
SystemParametersInfoW
wvsprintfA
SetMenuItemInfoW
ReplyMessage
SendNotifyMessageW
TranslateAcceleratorW
LoadIconA
MessageBoxIndirectA
SetMenu
WaitForInputIdle
SetMenuInfo
UnregisterHotKey
RealGetWindowClass
WindowFromDC
IsWindowVisible
UnregisterClassW
GetWindowTextW
mouse_event

kernel32

SetFileTime
GetCurrentProcess
ExitProcess
SetHandleInformation
SleepEx
lstrcpynW
GlobalFlags
SetupComm
lstrlen
GlobalReAlloc
MoveFileExW
lstrcpynA
_lwrite
GetCurrentThreadId
GetCurrentProcessId
SetHandleCount
PulseEvent
_llseek
SystemTimeToTzSpecificLocalTime
InterlockedExchange
LocalReAlloc
EnumSystemCodePagesW
FindNextFileA
SystemTimeToFileTime
VirtualFree
GetLastError
UpdateResourceW
GetTempPathW
Module32First
VirtualUnlock
VirtualLock
lstrcatW
GetStringTypeExA
GetLocaleInfoA
OpenFileMappingW
lstrcmpA
_hwrite
GetFileTime
GetCommandLineA
lstrcpyW
lstrcmpi
GetModuleHandleW
GetCurrentThread
VirtualFree
HeapDestroy
SetLastError
Heap32First
VirtualAlloc
SetErrorMode
UnlockFileEx
OpenSemaphoreW
GetCommandLineW
OpenThread
SignalObjectAndWait
TransactNamedPipe
SwitchToFiber
GlobalWire
GetStartupInfoW
InterlockedIncrement
ResetEvent
WaitForDebugEvent
FindAtomA
HeapCreate

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 202KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b2c3f23438156dc8147c13c662eac17

Headers

File Characteristics

Imports

advapi32

gdi32

msvcrt

user32

kernel32

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 197KB - Virtual size: 1.1MB

.rdata Size: 202KB - Virtual size: 210KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 197KB - Virtual size: 1.1MB

.rdata
Size: 202KB - Virtual size: 210KB

.rsrc
Size: 3KB - Virtual size: 3KB