Static task
static1
Behavioral task
behavioral1
Sample
42aeeeae343dba9daeddd860bf4c8316_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
42aeeeae343dba9daeddd860bf4c8316_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
42aeeeae343dba9daeddd860bf4c8316_JaffaCakes118
Size
80KB
MD5
42aeeeae343dba9daeddd860bf4c8316
SHA1
34862033033126af415123c5b223b789c9eda1fe
SHA256
4384b4581e3028217286176bbc9e5b23f9f261dec854e43d0cd01775a08272da
SHA512
5814f34a15391d389325f63981af8cc83b42c7bdee6bab34bbd2cb8ee77dfe5283b810d31f4397da710d8aa5f1df2324d610f674b924a97f2e02590798ce2203
SSDEEP
1536:zteWTDEeD3OstEK5xSV8IxzVeZob1U9brVjhkBinq/W21t:zteID1aIlxSVwZ66LdEqQW2z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 42aeeeae343dba9daeddd860bf4c8316_JaffaCakes118
Files
42aeeeae343dba9daeddd860bf4c8316_JaffaCakes118.exe windows:5 windows x86 arch:x86
3fbd9cf798c430b58cdc37ed29fd5be6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
GetSubMenu
EnumWindows
GetScrollPos
GetSysColorBrush
SetWindowTextA
EnableMenuItem
SetWindowPos
PostQuitMessage
EqualRect
GetSysColor
GetMessageA
FrameRect
kernel32
GetSystemTime
FileTimeToSystemTime
VirtualAllocEx
GetThreadLocale
ExitProcess
GetTempPathA
InterlockedExchange
RtlUnwind
GetOEMCP
GetTimeZoneInformation
GetCurrentProcessId
GetFileAttributesA
GetStartupInfoA
GetTickCount
SetUnhandledExceptionFilter
QueryPerformanceCounter
gdi32
ExcludeClipRect
CreateCompatibleBitmap
SetViewportExtEx
DPtoLP
GetMapMode
FillRgn
CopyEnhMetaFileA
CreateICW
SelectClipPath
ole32
StgOpenStorage
CoInitialize
CoTaskMemRealloc
CoInitializeSecurity
CoCreateInstance
StringFromGUID2
DoDragDrop
OleRun
CoRevokeClassObject
advapi32
CryptHashData
QueryServiceStatus
RegCreateKeyA
GetSecurityDescriptorDacl
RegQueryValueExW
FreeSid
AdjustTokenPrivileges
CheckTokenMembership
GetUserNameA
RegCreateKeyExW
msvcrt
fprintf
strlen
_flsbuf
__setusermatherr
_strdup
puts
strncpy
iswspace
_lock
_fdopen
_CIpow
__getmainargs
fflush
raise
__initenv
_mbscmp
signal
strcspn
comctl32
ImageList_LoadImageW
ImageList_DragEnter
ImageList_GetIcon
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_DrawEx
ImageList_LoadImageA
ImageList_Write
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_ReplaceIcon
InitCommonControls
ImageList_Destroy
shell32
DragQueryFileW
SHGetPathFromIDList
ShellExecuteEx
ExtractIconExW
CommandLineToArgvW
DragAcceptFiles
DragQueryFileA
ExtractIconW
SHBrowseForFolderA
DoEnvironmentSubstW
ShellExecuteW
oleaut32
SafeArrayRedim
SafeArrayPutElement
SafeArrayCreate
VariantCopy
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayGetUBound
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ