42c6d2f4f8d9ab9be8ab83639408e5cb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42c6d2f4f8d9ab9be8ab83639408e5cb_JaffaCakes118
Size

576KB
MD5

42c6d2f4f8d9ab9be8ab83639408e5cb
SHA1

54a254cd81d86904b46752a1531e21550998b3e8
SHA256

9cebbc6f3bcd631bb3c6f860e47ca869285b14d17b085857977b914e1a4ca192
SHA512

d1d3a879d7dce11bcfc8f658f6fa4e0fa2af48057887dfa1a99275298a1e252506e92f52c57bc9d2ae5634ff04d505392e8244d0882b32b45858e5361c253234
SSDEEP

12288:9DJgbG9fDHIn4GdqTWhyQKlPvwovCebvTct7yk9YHa:9D9NDonpCWhzqPv9CejTct7yZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c6d2f4f8d9ab9be8ab83639408e5cb_JaffaCakes118

Files

42c6d2f4f8d9ab9be8ab83639408e5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5707be9b9e7ccd645075ff8a90c6f58d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
PrintDlgA
GetSaveFileNameW
ReplaceTextW

kernel32

SetUnhandledExceptionFilter
SetConsoleCtrlHandler
InterlockedIncrement
IsValidCodePage
HeapDestroy
GetEnvironmentStringsW
HeapSize
GetModuleHandleA
LocalFree
GetEnvironmentStrings
GetCPInfo
GetLocaleInfoW
FreeLibrary
TlsGetValue
GetTimeFormatA
GetTimeZoneInformation
GetDateFormatA
WriteConsoleA
InterlockedExchange
GetFileType
GetSystemTimeAsFileTime
SetFilePointer
GetACP
VirtualFree
CreateMutexA
FreeEnvironmentStringsA
LeaveCriticalSection
IsValidLocale
GetCurrentProcessId
VirtualQuery
GetStringTypeA
GetProcAddress
LoadLibraryA
GetCurrentProcess
HeapCreate
GetVersionExA
SetConsoleWindowInfo
VirtualProtectEx
GetLocaleInfoA
GetPrivateProfileSectionNamesA
GetStdHandle
GetPrivateProfileStringW
EnumSystemLocalesA
GetConsoleCP
HeapFree
IsDebuggerPresent
GetCommandLineA
FlushFileBuffers
GetConsoleOutputCP
WideCharToMultiByte
FindResourceExW
GetProcessHeap
QueryPerformanceCounter
SetStdHandle
LocalReAlloc
TlsAlloc
TlsSetValue
GetTickCount
MultiByteToWideChar
RtlUnwind
UnhandledExceptionFilter
ExitProcess
GlobalAddAtomA
LCMapStringA
GetConsoleMode
OpenMutexA
TlsFree
DeleteCriticalSection
CompareStringW
WriteFile
HeapReAlloc
EnterCriticalSection
GlobalGetAtomNameW
TerminateProcess
GetCurrentThread
CompareStringA
GetUserDefaultLCID
GetStringTypeW
GetLastError
CreateFileA
SetLastError
LCMapStringW
GetCurrentThreadId
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetOEMCP
ReadFile
InitializeCriticalSection
WriteConsoleW
HeapAlloc
SetHandleCount
Sleep
CloseHandle
VirtualAlloc
GetModuleFileNameA
InterlockedDecrement
CreateDirectoryExA
SetConsoleCP
GetStartupInfoA

user32

DrawFrame
UnloadKeyboardLayout
EnumPropsExA
ScrollWindowEx
GetAncestor
GetSystemMetrics
GetDlgItemTextW
ShowCursor
ImpersonateDdeClientWindow
CreateMDIWindowA
WindowFromPoint
KillTimer
GetTabbedTextExtentW
SetClipboardData
CharLowerBuffW
GetTopWindow
BeginDeferWindowPos
LockWindowUpdate
WINNLSGetEnableStatus
CallNextHookEx
SetCursor
DlgDirSelectExW
SetClassWord
EnumDisplayDevicesA
DdeGetLastError
DrawCaption
CharNextW
GetWindowPlacement
EnumThreadWindows
SwitchDesktop
SetMenuContextHelpId
ChangeClipboardChain
PackDDElParam
GetWindowWord
SetTimer
SetKeyboardState
IsWindow
DrawTextExW
GetCursor
SetSystemCursor
DrawFocusRect
ClientToScreen
ChangeDisplaySettingsExA
LoadStringA
GetScrollBarInfo
LoadMenuIndirectA
AppendMenuA
MessageBoxW
GetMessageTime
MapVirtualKeyA
RedrawWindow
DestroyMenu
IsDialogMessageW
InSendMessageEx
RegisterClassA
GetGuiResources
GetGUIThreadInfo
OemToCharW
GetWindowModuleFileNameW
IntersectRect
CheckRadioButton
RegisterClassExA
TranslateAcceleratorA
SetRectEmpty
CopyIcon
GetClassInfoExA
CreateMDIWindowW
GetPriorityClipboardFormat
SendMessageTimeoutW
GetWindowTextLengthW
RegisterWindowMessageA
EnableWindow
GetCaretPos
GetKBCodePage
OpenWindowStationW
SetCursorPos
TabbedTextOutA
SetMessageQueue
GetScrollInfo
EnumDisplaySettingsA
SetScrollPos
SetMenu
GetClipboardViewer
SendMessageA
CharUpperA
GetScrollRange
RealChildWindowFromPoint
GetKeyboardState
DefDlgProcW
SetUserObjectInformationA
FindWindowW
SetDebugErrorLevel
GetWindowContextHelpId

comctl32

ImageList_SetFilter
CreateStatusWindow
ImageList_GetFlags
ImageList_Merge
InitMUILanguage
ImageList_Create
ImageList_SetFlags
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_DragLeave
ImageList_Read
ImageList_SetBkColor
CreatePropertySheetPage

shell32

DuplicateIcon
SHAppBarMessage

advapi32

CryptEnumProvidersW
RegCreateKeyW
CryptContextAddRef
CryptGetUserKey
GetUserNameA
CryptGenKey
LogonUserW
CryptDeriveKey
DuplicateToken
RegSetKeySecurity
ReportEventA
InitializeSecurityDescriptor
RegConnectRegistryA
CryptImportKey
DuplicateTokenEx
RegSaveKeyA
RegQueryValueW
RegEnumKeyW
RegEnumKeyA
CryptEnumProvidersA
RegNotifyChangeKeyValue

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5707be9b9e7ccd645075ff8a90c6f58d

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

comctl32

shell32

advapi32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 112KB - Virtual size: 131KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 112KB - Virtual size: 131KB

.rsrc
Size: 36KB - Virtual size: 33KB