42a4bc312b5fc4448c6fd943735d1236_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42a4bc312b5fc4448c6fd943735d1236_JaffaCakes118
Size

222KB
MD5

42a4bc312b5fc4448c6fd943735d1236
SHA1

64c6825f15c22f7fb4eb2ec252827c61d84afadd
SHA256

10e0a0b0e061e5eb72bcdca38145cd7d29fbe495b33718fe37e0941158de88c3
SHA512

90e38ffe9f4a0614e46451b5fe3476eb53ed47bc02e0751a2388a486368f4b2ab4f076d992322f3a61f431a10d11a22317514bef5adbea4be0354666ac612bcd
SSDEEP

3072:J3GKEayhXATci04JOTTtFT+6QwJOVNgfNMV39pIFGy8wP/IDAxC9FA3wQ4zwgjVK:8j5Aj0PTzTkb4NU9PwP/ZeFPzwgxlCr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a4bc312b5fc4448c6fd943735d1236_JaffaCakes118

Files

42a4bc312b5fc4448c6fd943735d1236_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0165bd9acb390ce93bf8c3529cdd03ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
GetAtomNameA
OpenSemaphoreW
IsDebuggerPresent
GetProcAddress
WinExec
LoadLibraryExA
OpenSemaphoreA
FatalAppExitA
SetCalendarInfoA
IsBadStringPtrW
CreateMutexA
AddAtomW
FreeLibrary
Beep
lstrcpyA
IsBadCodePtr
GetShortPathNameW

user32

GetSubMenu
DestroyMenu
GetMenuInfo
CreateDesktopW
CopyIcon
mouse_event
GetSystemMetrics
InsertMenuItemW
PostMessageA
CreateDesktopA
SetFocus
RegisterWindowMessageW
WinHelpA
MoveWindow
ShowWindow
OpenClipboard
GetCapture
RegisterWindowMessageA

gdi32

CreateFontIndirectW
CreateRoundRectRgn
CreateFontIndirectExA
GetTextExtentPointA
GetEnhMetaFileW
UpdateICMRegKeyW
CreateScalableFontResourceA
AddFontResourceW
CreateColorSpaceA
CreateMetaFileA
CreateCompatibleDC
RemoveFontResourceExA
RemoveFontResourceW
SetWinMetaFileBits
GetEnhMetaFilePixelFormat

advapi32

RegSetValueA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyA

comctl32

ImageList_SetFilter
ImageList_GetFlags
ImageList_DragMove
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_GetIcon

inetcomm

MimeOleFindCharset
MimeOleGetPropA
CreateRASTransport
MimeOleGetInternat
GetDllMajorVersion
MimeOleGetBodyPropW
MimeOleSMimeCapsFull
MimeOleAlgNameFromSMimeCap
MimeOleGenerateCID
MimeOleSMimeCapAddCert

sqlunirl

_RemoveFontResource_@4
AbortSystemShutdown_
_GetProfileSection_@12
_CreateProcessAsUser_@44
_CompareString_@24
_FindResourceEx_@16
_NDdeSetShareSecurity_@16
_EnumFonts_@16
_DragQueryFile_@16
_GetCharacterPlacement_@24
_strerror_@4
_RegReplaceKey_@16
_ttof
_GetDiskFreeSpace_@20
_PropertySheet_@4
_CopyEnhMetaFile_@8
_DrawText@20
_GetPrivateProfileSectionNames_@12
_ObjectCloseAuditAlarm_@12
_RegisterWindowMessage_@4
_SetDefaultCommConfig_@12
_GlobalFindAtom_@4
_IsCharAlpha_@4
_RegCreateKeyEx_@36

crypt32

CertAddSerializedElementToStore
CryptBinaryToStringW
I_CryptGetDefaultCryptProvForEncrypt
CryptEnumOIDFunction
CryptSIPGetSignedDataMsg
CryptMsgGetAndVerifySigner
I_CertUpdateStore
CertOpenSystemStoreW
CertGetCertificateChain
CryptMsgSignCTL
CryptUnregisterOIDFunction
CertFindCertificateInStore

Sections

.kwP
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dwd
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PHv
Size: 512B - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aLP
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lktG
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.j
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EC
Size: 3KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vu
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jVSxKc
Size: 7KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0165bd9acb390ce93bf8c3529cdd03ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

inetcomm

sqlunirl

crypt32

Sections

.kwP Size: 2KB - Virtual size: 2KB

.dwd Size: 1024B - Virtual size: 30KB

.PHv Size: 512B - Virtual size: 280KB

.aLP Size: 86KB - Virtual size: 86KB

.lktG Size: 13KB - Virtual size: 13KB

.j Size: 3KB - Virtual size: 20KB

.EC Size: 3KB - Virtual size: 139KB

.Vu Size: 85KB - Virtual size: 84KB

.jVSxKc Size: 7KB - Virtual size: 373KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.kwP
Size: 2KB - Virtual size: 2KB

.dwd
Size: 1024B - Virtual size: 30KB

.PHv
Size: 512B - Virtual size: 280KB

.aLP
Size: 86KB - Virtual size: 86KB

.lktG
Size: 13KB - Virtual size: 13KB

.j
Size: 3KB - Virtual size: 20KB

.EC
Size: 3KB - Virtual size: 139KB

.Vu
Size: 85KB - Virtual size: 84KB

.jVSxKc
Size: 7KB - Virtual size: 373KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B