42bf078af850ab1420796b3234b4c5cb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42bf078af850ab1420796b3234b4c5cb_JaffaCakes118
Size

372KB
MD5

42bf078af850ab1420796b3234b4c5cb
SHA1

137be7df3c30af1a6aa8579241832afa7d216fd1
SHA256

79f00d3b22f21e8db2b9811c504da65de661b3c1d02e47ba3812566d8adc98bd
SHA512

acbbc1fe695ca7fd048a3f833e389e45bf3531d960df64b9b53104fdddd7bc54147991326757d3890fadd64b40114dd93d388e8c6aeeb052f9b6d3df1f45c5c0
SSDEEP

6144:XspHG4rGmdyTUREEDaNZx8mb6gln7EDvJeYeWShmLSyrPmAI95hB+L+qSDHoxWNJ:XcmWLR3DiZP9GDvsRWSQLrIfhKwDHom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42bf078af850ab1420796b3234b4c5cb_JaffaCakes118

Files

42bf078af850ab1420796b3234b4c5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77623314e93757a6a28cd60128e8c98e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PurgeComm
OpenFile
GetDiskFreeSpaceW
SystemTimeToFileTime
CancelIo
EraseTape
WritePrivateProfileStringW
CompareStringW
Beep
VirtualLock
GetFileType
GetProcessHeap
SetEnvironmentVariableA
ReadConsoleOutputA
VirtualAlloc
WritePrivateProfileSectionA
RemoveDirectoryW
VirtualProtect
IsBadStringPtrA
CreateMutexW
SetConsoleOutputCP
CreateMutexA
CreateWaitableTimerA
QueryDosDeviceW
GetEnvironmentVariableW
GetCurrentDirectoryW
GetStartupInfoA
GetConsoleCursorInfo
ReadDirectoryChangesW
IsProcessorFeaturePresent
GetDateFormatA
GetUserDefaultLCID
EnumResourceNamesA
ScrollConsoleScreenBufferA
ReadConsoleA
FlushFileBuffers
FreeLibraryAndExitThread
FormatMessageW
LoadLibraryExW
GlobalUnlock
SetSystemTime
LocalAlloc
DeleteFiber
SetThreadPriorityBoost
CopyFileExW
GetSystemDirectoryW
GetModuleFileNameW
SetEnvironmentVariableW
GetFileAttributesExA
GetCommandLineA
GetVersionExA
GetCommConfig
ExitProcess

user32

SetScrollPos
DefWindowProcW
SendMessageW
CreateDialogIndirectParamW
ChangeMenuA
GetCursor
HiliteMenuItem
LoadMenuIndirectW
SetWindowWord
GetClipboardFormatNameW
DrawIconEx
GetClipboardFormatNameA
LoadBitmapA
SetActiveWindow
SetRect
LoadCursorA
EnumWindowStationsW
CountClipboardFormats
GetWindowLongW
SetClassLongW
MenuItemFromPoint
PostMessageA
SetWindowLongA
GetClassInfoExA
SetFocus
DrawTextExA
SetWindowsHookExW
SendMessageTimeoutA
GetIconInfo
IsWindow
UnregisterClassA
EnumDisplayMonitors
GetUpdateRgn
SetThreadDesktop
UnregisterClassW
SetWindowsHookW
GetDCEx
CopyAcceleratorTableW
DestroyCaret
GetMenuItemCount
TranslateAcceleratorW
wvsprintfA
InternalGetWindowText
MessageBoxA
LoadKeyboardLayoutW
DeferWindowPos
SetCursor
DialogBoxParamA
GetClassNameA
GetWindowTextLengthA
GetMessageA
GetMenuInfo
GetScrollPos
DefWindowProcA
TranslateMDISysAccel
MapVirtualKeyW
GetFocus
GetAsyncKeyState
RemoveMenu

gdi32

EnumFontFamiliesExA
EnumFontsW
SetMapperFlags
EnumEnhMetaFile
CreatePalette
OffsetClipRgn
ModifyWorldTransform
ArcTo
CreatePen
SelectClipPath
TranslateCharsetInfo
ExtFloodFill
FillRgn
StartDocW
CloseEnhMetaFile
BitBlt
ExtTextOutA
CloseMetaFile
TextOutW

comdlg32

ReplaceTextA

advapi32

LookupAccountSidA
RegUnLoadKeyA
CryptSetHashParam
RegCreateKeyExA
AddAccessAllowedAce
GetSecurityDescriptorLength
ReportEventW
GetLengthSid
GetSecurityDescriptorControl
SetServiceObjectSecurity
CryptVerifySignatureW

shell32

SHFileOperationW
FindExecutableW
ExtractIconA
SHChangeNotify
SHGetPathFromIDListA

oleaut32

SysStringLen
VariantCopy
SetErrorInfo
SafeArrayGetLBound
SafeArrayRedim
QueryPathOfRegTypeLi
SafeArrayUnaccessData
VariantChangeType
SysAllocStringLen

comctl32

ImageList_EndDrag
InitCommonControlsEx

shlwapi

PathGetDriveNumberW
SHRegGetBoolUSValueW
StrRetToStrW
StrPBrkW
StrTrimA
HashData
StrCmpNIA
PathGetCharTypeW
PathCompactPathExW

setupapi

SetupDiEnumDeviceInterfaces
SetupGetStringFieldW
SetupDiCallClassInstaller
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyA

Sections

XeSqwtl
Size: 320KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

tWzscRO
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

zBlCL
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MJDcP
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77623314e93757a6a28cd60128e8c98e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

setupapi

Sections

XeSqwtl Size: 320KB - Virtual size: 316KB

tWzscRO Size: 8KB - Virtual size: 4KB

zBlCL Size: 32KB - Virtual size: 30KB

MJDcP Size: 8KB - Virtual size: 4KB

XeSqwtl
Size: 320KB - Virtual size: 316KB

tWzscRO
Size: 8KB - Virtual size: 4KB

zBlCL
Size: 32KB - Virtual size: 30KB

MJDcP
Size: 8KB - Virtual size: 4KB