42b5ae86aceef1665e4b976b7938987c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42b5ae86aceef1665e4b976b7938987c_JaffaCakes118
Size

572KB
MD5

42b5ae86aceef1665e4b976b7938987c
SHA1

87f7d9a58f2f1bbdd6c4245aa0afdb5730ef85fd
SHA256

817f180c562a12019c5fd9665f30439a75e862a133666f71b523b6fa262a073c
SHA512

aa0c1f3f9dfcfdbb6ace44df0ba6bb951acd0dabf4631a914666a06ad11717617ff092178225a7839a4b21f8f6a519b8747bc108624c932369b6f62868ccd191
SSDEEP

12288:yuayDnfQLM46i6waLROixF3+0WWmZBETyo1RDwIg2G1eoxVzAEumii:yPyDnfQLM46i5UFaor0Ig2GcoHzlu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42b5ae86aceef1665e4b976b7938987c_JaffaCakes118

Files

42b5ae86aceef1665e4b976b7938987c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b74080baaba2930f5fedad8c200828a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawStateW
RegisterClassA
DdeUnaccessData
EnumWindows
RegisterHotKey
FlashWindowEx
BroadcastSystemMessageW
OpenIcon
GetClipboardData
GetTabbedTextExtentW
GetSystemMenu
PostMessageW
VkKeyScanExA
SetCursorPos
SetClipboardData
CreateAcceleratorTableW
UnhookWindowsHookEx
DrawTextExW
EnumDisplaySettingsW
RegisterClassExA

kernel32

SetLocaleInfoA
WaitForMultipleObjects
GetCPInfo
SetThreadContext
FindFirstFileExW
LCMapStringW
GlobalGetAtomNameA
IsValidCodePage
HeapCreate
CloseHandle
GetModuleFileNameA
SetConsoleCtrlHandler
lstrcpyW
GetDiskFreeSpaceA
WriteConsoleInputA
InterlockedIncrement
CreateNamedPipeW
GetOEMCP
GetCurrentThread
HeapAlloc
WriteConsoleOutputCharacterW
GetProcAddress
GetEnvironmentStringsA
GetLogicalDrives
UnhandledExceptionFilter
OpenMutexA
lstrcatA
FlushConsoleInputBuffer
GetTimeZoneInformation
ReadConsoleA
LeaveCriticalSection
ReadConsoleW
WriteConsoleOutputA
HeapLock
LoadLibraryA
TlsSetValue
MultiByteToWideChar
EnumResourceLanguagesW
WriteFile
GetVersion
HeapDestroy
GetLocalTime
GetTickCount
GetStringTypeW
TlsGetValue
SystemTimeToTzSpecificLocalTime
GetFileType
LocalShrink
CopyFileExA
GetLastError
CompareStringA
GetWindowsDirectoryW
ResetEvent
SetFilePointer
SetLastError
LoadModule
GetCurrentProcessId
GetCommandLineA
TerminateProcess
EnumSystemLocalesA
WaitForMultipleObjectsEx
TlsFree
GetExitCodeThread
GetSystemTime
QueryPerformanceCounter
GetTempPathA
IsBadWritePtr
GetConsoleMode
ReadFile
TlsAlloc
InterlockedDecrement
FlushFileBuffers
GetStartupInfoA
WideCharToMultiByte
EnterCriticalSection
LoadLibraryExW
HeapValidate
InitializeCriticalSection
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrencyFormatA
GetNumberFormatW
GetACP
GetShortPathNameW
GetCurrentThreadId
GetModuleHandleA
FreeEnvironmentStringsA
CompareStringW
OpenProcess
DeleteFiber
DuplicateHandle
GetPrivateProfileSectionA
GlobalSize
GetEnvironmentStrings
RtlUnwind
EnumTimeFormatsW
GetUserDefaultLCID
CreateMutexA
FileTimeToLocalFileTime
ExitProcess
SetEvent
LocalCompact
GetTempFileNameA
FreeEnvironmentStringsW
SetEnvironmentVariableA
FindFirstFileExA
DeleteCriticalSection
GetThreadTimes
EnumDateFormatsA
lstrcpy
InterlockedExchange
FillConsoleOutputCharacterA
SetHandleCount
HeapFree
FlushInstructionCache
ExpandEnvironmentStringsA
GetStdHandle
GetEnvironmentStringsW
FindResourceExW
GetShortPathNameA
SetCurrentDirectoryA
GetDiskFreeSpaceExW
SetStdHandle
GetCurrentProcess
VirtualQuery
LCMapStringA
HeapReAlloc
VirtualFree
VirtualAlloc
FindResourceExA
SetSystemTime

wininet

InternetGetCookieA
InternetSetDialStateW
InternetAlgIdToStringA
InternetConfirmZoneCrossing

comctl32

ImageList_DrawEx
ImageList_SetFlags
CreateStatusWindowW
ImageList_GetFlags
ImageList_AddIcon
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_Copy
DrawStatusText
ImageList_GetIcon
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_LoadImageA
ImageList_GetIconSize
CreateToolbar
ImageList_Merge
ImageList_GetDragImage

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b74080baaba2930f5fedad8c200828a8

Headers

File Characteristics

Imports

user32

kernel32

wininet

comctl32

Sections

.text Size: 148KB - Virtual size: 144KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 112KB - Virtual size: 128KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 148KB - Virtual size: 144KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 112KB - Virtual size: 128KB

.rsrc
Size: 48KB - Virtual size: 46KB