42cb481b5b9c978e825c70f60c0d6881_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42cb481b5b9c978e825c70f60c0d6881_JaffaCakes118
Size

162KB
MD5

42cb481b5b9c978e825c70f60c0d6881
SHA1

0fdbbdead4aab0e9472572b629dce6499c47b67b
SHA256

169d8018e464691425228d0d94822255121ef45a3c7860ce40e7034858d40e64
SHA512

f80e960fa6a6a2c5cb45ec4b237c5834af0786d5b88ae361fead7970d118d621b2ab4da4f6d3da978c4ff0995e4f9cbad2519e992a2e4d87d2aa2217762e8509
SSDEEP

3072:5XfB73q42h4v5fRQbJjyTRhC6I4/Xis4Ny5HQ2xn8PIIOTK0R9l8/RllsG1qaQNG:tBP95fiNjmCI/y+5HJR8PIIcKK9Kpl1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42cb481b5b9c978e825c70f60c0d6881_JaffaCakes118

Files

42cb481b5b9c978e825c70f60c0d6881_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7419b525a1a8301742917ca7c4668fd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
VirtualQuery
RtlUnwind
GetCPInfo
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
CloseHandle
HeapFree
SetFilePointer
GetLastError
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
GetProcAddress
VirtualAllocEx
GetSystemInfo
FindClose
lstrcpynW
GlobalSize
GetExitCodeProcess
GetTempPathW
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetConsoleOutputCP
FlushFileBuffers
InterlockedExchange
WideCharToMultiByte
LocalLock
GetFullPathNameW
LoadLibraryW
FormatMessageW
GetModuleFileNameW
DeleteCriticalSection
GetCurrentProcess
FileTimeToLocalFileTime
InterlockedCompareExchange
GetStringTypeA
GetOEMCP
Sleep
WaitForMultipleObjects
GetACP
GetEnvironmentStrings
VirtualProtect

user32

GetDC
DrawIcon
MoveWindow
ClientToScreen
SetWindowsHookExW
GetMenuState
UpdateWindow
ShowScrollBar
CreateCursor
CreateAcceleratorTableW
MonitorFromWindow
GetDlgItemTextW
GetMessageA
CharUpperW
IsWindowUnicode
ToAscii
EnableMenuItem
GetActiveWindow
RealChildWindowFromPoint
GetMenu
SendDlgItemMessageW
GetSystemMetrics
GetSubMenu
SetDlgItemInt
ShowWindow
InflateRect
WindowFromPoint
GetMenuStringW
GetMenuItemID
DestroyMenu
LoadIconW
DrawTextW
CreateCaret
SetWindowLongW
IsChild

gdi32

GetDeviceCaps
GetObjectW
SetTextAlign
EnumFontFamiliesExW
SetROP2
RestoreDC
Rectangle
SaveDC
ExtTextOutW
GetTextExtentPoint32W
CreateCompatibleDC
DPtoLP
DeleteDC
DeleteObject
AddFontResourceW
PatBlt
CreateHatchBrush
BitBlt

comdlg32

ChooseColorW
ChooseFontW
PageSetupDlgA
GetOpenFileNameA
ReplaceTextA
ChooseFontA
ReplaceTextW
PrintDlgW
FindTextA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorA
GetOpenFileNameW
PrintDlgA
FindTextW
GetFileTitleA
PageSetupDlgW

advapi32

RegOpenKeyExA
RegCreateKeyW
RegSetValueExW
RegEnumKeyExA
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExA
RegEnumKeyExW
RegCreateKeyA
RegOpenKeyExW
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lnngzqk
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7419b525a1a8301742917ca7c4668fd7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 123KB - Virtual size: 375KB

.rsrc Size: 4KB - Virtual size: 32KB

lnngzqk Size: - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 123KB - Virtual size: 375KB

.rsrc
Size: 4KB - Virtual size: 32KB

lnngzqk
Size: - Virtual size: 4KB