42f2f89892142139408d305c13f83614_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42f2f89892142139408d305c13f83614_JaffaCakes118
Size

340KB
MD5

42f2f89892142139408d305c13f83614
SHA1

3e6002ae10fb96e129847fc62b46c7b800dc8ab9
SHA256

23542aa2f05b3f89b1320873e667c844843604d0faf285adb11d231a210514cf
SHA512

86603136142837f4985fcd9d43af4aa5267cb41a614c2fac6cc59c9fd58a4d3f56e9b33dae3ebe59740cce7ed44cc4b19a0a5098010e205fa2c49a454a853a10
SSDEEP

3072:pFL41HA8UFZh09YJylW9LuYrBoz2z6wSb43rknmLr1i1JGZs49koDvjvGPhNjlPv:vSALTbF9XGQOJVIvzBWurIvzG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42f2f89892142139408d305c13f83614_JaffaCakes118

Files

42f2f89892142139408d305c13f83614_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9c1201a23bf5da965c74cbd3a8eaac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHGetValueA
SHSetValueA
SHDeleteValueA
SHDeleteKeyA
wnsprintfA

kernel32

InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
InterlockedDecrement
lstrlenA
GetTickCount
GetFileAttributesExA
GetDriveTypeA
GetLogicalDrives
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
ReadFile
GetFileSize
CopyFileA
CreateDirectoryA
DeviceIoControl
lstrcpyA
FlushInstructionCache
InterlockedIncrement
lstrcmpiA
CompareStringA
GetVersionExA
Sleep
GetCommandLineA
FreeResource
WritePrivateProfileStringA
CreateThread
LoadLibraryW
MultiByteToWideChar
CloseHandle
SetEndOfFile
GetCurrentThreadId
FlushFileBuffers
SetStdHandle
GetStringTypeW
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapSize
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
SetLastError
TlsAlloc
GetVersion
GetStartupInfoA
FreeLibrary
GetModuleHandleA
HeapAlloc
HeapFree
ExitThread
TlsGetValue
TlsSetValue
ResumeThread
TerminateProcess
ExitProcess
RtlUnwind
GetTempPathA
GetTempFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
SetFileAttributesA
MoveFileExA
GetFileAttributesA
GetLastError
GetStringTypeA
GetCurrentProcess

user32

InvalidateRect
DialogBoxParamA
GetActiveWindow
DefWindowProcA
MessageBoxA
EnableWindow
SetWindowTextA
GetDlgItem
SendMessageA
LoadImageA
GetSystemMetrics
EndDialog
DestroyWindow
GetTopWindow
SetRectEmpty
CallWindowProcA
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
CreateWindowExA
DrawTextA
GetClassNameA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDC
OffsetRect
CharNextA
BeginPaint
EndPaint
LoadStringA
ReleaseDC
PtInRect
SetCursor
UpdateWindow
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
SetWindowLongA
IsWindow
DestroyCursor
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos

gdi32

SetTextColor
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
SelectObject
DeleteObject
SetBkMode

advapi32

CreateServiceA
OpenServiceA
CloseServiceHandle
RegFlushKey
QueryServiceStatus
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
StartServiceA
OpenSCManagerA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx
_TrackMouseEvent

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

urlmon

URLDownloadToFileA

netapi32

Netbios

wininet

HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle
HttpSendRequestA

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9c1201a23bf5da965c74cbd3a8eaac1

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

urlmon

netapi32

wininet

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 232KB - Virtual size: 231KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 232KB - Virtual size: 231KB