42e9d6a0b945b9f63125cc243670f22d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42e9d6a0b945b9f63125cc243670f22d_JaffaCakes118
Size

145KB
MD5

42e9d6a0b945b9f63125cc243670f22d
SHA1

adc3547f8f450597d50ec8c609f2bba44667d1f6
SHA256

7d37193a097ff6ac866fac1f2f7eb2a7d2f8150488b9808d9cee99aa4ddfe8ef
SHA512

0048d6a892ff4eeac486ff3090fb77b0d3d42871b2533dbfe6a6bd6e019fcd8f1051fe21d50c0de8322a584a16e14d24d46f3f609726bd4d2ac4c1990a375971
SSDEEP

3072:iJxIozxmiqYu+8mddPh7G1bDXBLzEw1c8MCxV6i1p/:UJ4Su+Zd/i1X2n8NVvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e9d6a0b945b9f63125cc243670f22d_JaffaCakes118

Files

42e9d6a0b945b9f63125cc243670f22d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f498bee5f7b599d5f12f27299515245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__setusermatherr
_acmdln
__p__commode
exit
_adjust_fdiv
wcsncmp
memcmp
__set_app_type
__p__fmode
remove
log10
_except_handler3
__getmainargs
_initterm
_controlfp
_XcptFilter

kernel32

GetFileType
CreateDirectoryA
OutputDebugStringA
DuplicateHandle
GetFileAttributesA
VirtualQuery
IsBadWritePtr
GetStartupInfoA
GetModuleHandleA
EnumCalendarInfoA
GetStartupInfoW
VirtualProtect

user32

DrawFrameControl
LoadStringA
GetScrollRange
GetScrollPos
GetKeyState
SendDlgItemMessageA
WaitMessage
GetTopWindow
SetWindowPos
FrameRect

shell32

SHBindToParent
DragQueryFileA
DragQueryFile
SHGetFolderLocation
SHAddToRecentDocs
SHGetSettings
SHGetPathFromIDList
SHFileOperationA
SHCreateDirectoryExA
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetPathFromIDListA

gdi32

PtVisible
SetViewportExtEx
SetRectRgn
SetMapperFlags
LineDDA
GetNearestPaletteIndex
MoveToEx
CreateEnhMetaFileA
CloseEnhMetaFile
CreateDCA
GetObjectType
CreateHalftonePalette
CreateBitmap
CreateDIBPatternBrushPt
SetArcDirection
SetDIBColorTable
Arc
CombineRgn
GetCharWidthW

comctl32

CreatePropertySheetPageW
ImageList_Destroy
ImageList_DrawEx
InitCommonControls
ImageList_EndDrag
ImageList_Write

version

VerLanguageNameA
VerQueryValueW
VerFindFileW
GetFileVersionInfoW
VerInstallFileW
VerInstallFileA
VerQueryValueA
GetFileVersionInfoA

ole32

CoGetMalloc
RegisterDragDrop
DoDragDrop
CoRevokeClassObject
OleDraw
GetRunningObjectTable
CreateBindCtx

advapi32

SetSecurityDescriptorDacl
RegOpenKeyW
RegQueryValueExA
OpenThreadToken
GetLengthSid
RegQueryValueA
RegDeleteKeyA

oleaut32

SafeArrayPtrOfIndex
SafeArrayCreate
SetErrorInfo
GetErrorInfo
GetActiveObject
SysFreeString
VariantCopy
SafeArrayGetElement
SysReAllocStringLen
SysAllocStringLen

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f498bee5f7b599d5f12f27299515245

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

shell32

gdi32

comctl32

version

ole32

advapi32

oleaut32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 15KB - Virtual size: 48KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 15KB - Virtual size: 48KB

.rsrc
Size: 112KB - Virtual size: 112KB