42d3ffb752b98326e91b64f4f94b9e97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42d3ffb752b98326e91b64f4f94b9e97_JaffaCakes118
Size

451KB
MD5

42d3ffb752b98326e91b64f4f94b9e97
SHA1

fc45020d9ba3d8e5c9eace6b9d516f6cb44a6a9c
SHA256

722d0b6b1a533c1141ea7e3cf66e087aca18041bb6ba8c8356c4c7345fdd0ecf
SHA512

18be98d7e603c619204bf70fb969c23e92660a3d14a6658ec6816d50ab225c260fea94b28824358961031cbc7529c3ff177900890ed2b0004802350fffd94ed6
SSDEEP

12288:7sQazhhyxpi9QuTR959AcXBiclSe+uxPUgzwXFdymx7iR/G:7JaHyxSRPc3zuxPUA6Ff1idG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d3ffb752b98326e91b64f4f94b9e97_JaffaCakes118

Files

42d3ffb752b98326e91b64f4f94b9e97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1c004ef25769e9582e1205e541ca368

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersionExA
WritePrivateProfileSectionA
Sleep
GetStringTypeA
DeleteCriticalSection
HeapAlloc
LoadLibraryA
WriteFile
SetLastError
CreateMutexW
TlsSetValue
CompareStringW
GetDateFormatA
VirtualProtect
WideCharToMultiByte
GetCommandLineW
GetTimeFormatA
GetTimeZoneInformation
GetACP
UnhandledExceptionFilter
GetLastError
GetUserDefaultLCID
GetLocaleInfoA
GetProfileIntW
HeapSize
GetStartupInfoW
GetSystemInfo
GetProcAddress
EnumSystemLocalesA
GetStringTypeW
HeapFree
ReadConsoleInputA
GetFileType
GetProcessShutdownParameters
InitializeCriticalSection
VirtualQuery
SetHandleCount
IsBadWritePtr
TlsFree
GetCurrentThread
IsValidCodePage
FreeEnvironmentStringsA
GetStdHandle
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
EnterCriticalSection
CompareStringA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LCMapStringW
GetModuleHandleA
GetOEMCP
IsValidLocale
LCMapStringA
GetCurrentThreadId
TlsGetValue
HeapCreate
GetEnvironmentStringsW
GetStartupInfoA
GetCurrentProcessId
GetModuleFileNameA
LeaveCriticalSection
GetEnvironmentStrings
GetFileAttributesExA
GetTickCount
HeapDestroy
GetCPInfo
GetModuleFileNameW
VirtualFree
TlsAlloc
RtlUnwind
GetLocaleInfoW
GetSystemTimeAsFileTime
InterlockedExchange
MultiByteToWideChar
FreeEnvironmentStringsW

gdi32

SetLayout
BeginPath

user32

SubtractRect
SetWindowsHookExW
GetSubMenu
GrayStringA
EditWndProc

wininet

InternetCloseHandle
FtpPutFileA
ShowSecurityInfo
InternetGetLastResponseInfoA
HttpQueryInfoW
SetUrlCacheConfigInfoW
InternetTimeToSystemTime
InternetAlgIdToStringW
RetrieveUrlCacheEntryFileW
InternetTimeFromSystemTimeW
FtpRemoveDirectoryA
InternetGetLastResponseInfoW
GopherGetLocatorTypeW

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1c004ef25769e9582e1205e541ca368

Headers

File Characteristics

Imports

kernel32

gdi32

user32

wininet

Sections

.text Size: 170KB - Virtual size: 170KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 170KB - Virtual size: 170KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 6KB - Virtual size: 6KB