42950c5b7a1cae28f8c8c904ba0055c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42950c5b7a1cae28f8c8c904ba0055c4_JaffaCakes118
Size

171KB
MD5

42950c5b7a1cae28f8c8c904ba0055c4
SHA1

467b058b1010dd3a6d293ce6501969ae22afb71c
SHA256

8b952e6659c025edfc214acaadd1ef7f082701aba99763494d1cc2e86c78a427
SHA512

c64c4fa4ed3ff8acbedd3524dd769e3300cf143f6fc1fb9bd0b53ab0f5f9568c2116a3203075c6ee700e87e7abe754128102efdb4db458c66048b6fd6a8726ce
SSDEEP

3072:uza8yFYvxx6vn3VbdkIYmkoKmS0j8Ci4iXS5GFS0M7BJ+P0WTtWW6zCxY:umFeMvn3ROtHIKtSKS9Jafj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42950c5b7a1cae28f8c8c904ba0055c4_JaffaCakes118

Files

42950c5b7a1cae28f8c8c904ba0055c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0dbdf5ea4feae676f69ac6124d84ea0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

BuildImpersonateExplicitAccessWithNameA
QueryServiceLockStatusA
LsaAddPrivilegesToAccount
CredGetTargetInfoW
WmiDevInstToInstanceNameA
AccessCheckByTypeResultListAndAuditAlarmByHandleW
LsaQueryForestTrustInformation
I_ScSetServiceBitsA
OpenSCManagerW
GetInheritanceSourceW
QueryTraceW
CreateRestrictedToken

crtdll

_wcslwr
_chgsign
_msize
strxfrm
__fpecode
fgetpos
rewind
isupper
iswspace
__threadid
exp
_mbsstr
isalnum
iswlower
_spawnle
_fcvt
getc

kernel32

CopyFileA
GetBinaryTypeW
LoadLibraryA
GetNumaHighestNodeNumber
IsProcessorFeaturePresent
CopyLZFile
FindActCtxSectionGuid
GetProcessIoCounters
FillConsoleOutputCharacterA
DeleteAtom
Process32NextW
SetCommConfig
GetCommState
VirtualAlloc

ole32

PropSysAllocString
StgOpenStorageEx
WdtpInterfacePointer_UserFree
ReadFmtUserTypeStg
HMETAFILE_UserUnmarshal
RegisterDragDrop
StgPropertyLengthAsVariant
StringFromCLSID
OleIsCurrentClipboard
HICON_UserMarshal
STGMEDIUM_UserSize
OleCreateFromDataEx
IsEqualGUID
HBITMAP_UserFree
CoGetCallContext
RevokeDragDrop

opengl32

glCopyTexImage1D
glTexCoord1sv
glTexCoord1iv
glClearDepth
glColor4ubv
glFogi
GlmfEndGlsBlock
glAccum
glRasterPos3s
wglCopyContext
glTexGeni
glIndexub

user32

SetTimer
KillTimer
GetLastActivePopup

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0dbdf5ea4feae676f69ac6124d84ea0

Headers

File Characteristics

Imports

advapi32

crtdll

kernel32

ole32

opengl32

user32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 52KB - Virtual size: 130KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 52KB - Virtual size: 130KB

.rsrc
Size: 2KB - Virtual size: 2KB