42b4dff145c6ae03bc6b191669e1fa0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42b4dff145c6ae03bc6b191669e1fa0a_JaffaCakes118
Size

186KB
MD5

42b4dff145c6ae03bc6b191669e1fa0a
SHA1

9d0a627ca10dd156137743d8a72ac5209049fe59
SHA256

ca27c3ec8c6633a6c873c54b9bcc71131873d0bf43fa532fbdfe596120e6502b
SHA512

bb4cc8c59297498c398964d77a37c8d28b75ea57a50aae0a693a2f58ec4bf5195d7748af2216c809b6522b0cb458127b5859572b034a75960be5754e837d967d
SSDEEP

3072:6AMpib+N8xqN5xg4ew0R9wl3m3OWgKmBrjNyxRxTHgZS4d/lqAe1FeQ7KR/OaRbv:6AMpiitfBf0cU3aK6rjNmrzgM4BlY7W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42b4dff145c6ae03bc6b191669e1fa0a_JaffaCakes118

Files

42b4dff145c6ae03bc6b191669e1fa0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac8f95673ebfe6573620ff71d7dedb18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
ControlService
EqualSid
GetTokenInformation
InitializeSecurityDescriptor
OpenSCManagerA
OpenServiceA
RegEnumValueA
RegFlushKey
RegQueryValueExA
StartServiceA

kernel32

CompareStringA
CreateEventA
CreateFileA
CreateFileMappingA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetCommandLineA
GetConsoleCP
GetEnvironmentVariableA
GetFileType
GetFullPathNameA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetShortPathNameA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetUserDefaultLCID
GetWindowsDirectoryA
HeapAlloc
InterlockedCompareExchange
InterlockedIncrement
LCMapStringA
LeaveCriticalSection
LocalAlloc
LocalFree
MoveFileA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
ResetEvent
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
SizeofResource
Sleep
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObject
WriteConsoleA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

user32

BeginPaint
CharPrevA
CreateWindowExA
EndDialog
GetActiveWindow
GetMessageA
GetWindow
IntersectRect
InvalidateRect
LoadStringA
MessageBoxA
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassExA
ReleaseCapture
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetDlgItemInt
SetMenu
SetWindowTextA
SystemParametersInfoA
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 137KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac8f95673ebfe6573620ff71d7dedb18

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 25KB - Virtual size: 28KB

.INIT Size: 137KB - Virtual size: 324KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.text
Size: 25KB - Virtual size: 28KB

.INIT
Size: 137KB - Virtual size: 324KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB