842461a120464a84af356ec2b90ee734_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

842461a120464a84af356ec2b90ee734_JaffaCakes118
Size

6.5MB
MD5

842461a120464a84af356ec2b90ee734
SHA1

7081520cb96e9b92bf5d740fbad98953fe05a766
SHA256

7e6cadae57bfbc5750b410d7435be0270a4f77361ee994bac78fd7ae91858a45
SHA512

0e2232637c552668d6ce8510b5e3752d6c9b3496269e5b70eca29d9b822b1095ff308adc401af4a88aa4ff64a2218a2a48eed2230f650bb32af71d6be04146f2
SSDEEP

196608:WQUxh1jgGrVbc5CdhRZ3HwomYSDk87haU:WQU9nVbxdfNmrhaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
842461a120464a84af356ec2b90ee734_JaffaCakes118

Files

842461a120464a84af356ec2b90ee734_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db3ba7bdaf6e9b811c7509ee4e198c23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
CreatePipe
SetupComm
SwitchToFiber
GetStartupInfoA
SetEnvironmentVariableW
SetProcessAffinityMask
FreeLibraryAndExitThread
GetNumberFormatW
GetDiskFreeSpaceExA
GetProcessTimes
ReadConsoleA
CreateProcessA
SetConsoleCursorPosition
GetCommModemStatus
MoveFileW
VirtualAllocEx
GetLongPathNameA
ReadFile
SetHandleCount
SetMailslotInfo
CreateMutexW
GetThreadContext
UnhandledExceptionFilter
Beep
SetProcessShutdownParameters
UnmapViewOfFile
SetStdHandle
GetFileInformationByHandle
CreateDirectoryW
SetLastError
EnumResourceNamesA
FindFirstFileA
MultiByteToWideChar
_lopen
GlobalReAlloc
FindFirstFileW
LeaveCriticalSection
FindResourceExW
GetSystemTimeAdjustment
WriteConsoleOutputW
GetTempPathW
GlobalDeleteAtom
IsBadStringPtrA
SizeofResource
FlushConsoleInputBuffer
GlobalFlags
IsValidLocale
GetCurrentProcessId
GetSystemDefaultLangID
GetCompressedFileSizeW
GetWindowsDirectoryA
GetDriveTypeA
LocalAlloc
lstrcmpiA
WriteProcessMemory
GlobalFindAtomA
SetEndOfFile
SetThreadLocale
SystemTimeToFileTime
GetACP
GetConsoleMode
CreateMutexA
FreeLibrary
LocalSize
SetCommTimeouts
PurgeComm
FindResourceExA
EnumCalendarInfoA
WritePrivateProfileSectionA
GlobalAddAtomW
PeekConsoleInputW
OpenFile
VirtualAlloc
GetVersion
SetEvent
VirtualUnlock
VirtualFree
WritePrivateProfileStringA
SetCommMask
FileTimeToLocalFileTime
RaiseException
_lclose
SetVolumeLabelA
GetStringTypeExW
IsProcessorFeaturePresent
VirtualProtect
FlushFileBuffers
FormatMessageW
SetFileAttributesA
GetFileAttributesExA
LCMapStringA
GetConsoleCursorInfo
OutputDebugStringW
SetThreadPriorityBoost
FindNextChangeNotification
lstrcmpiW
RemoveDirectoryA
GetThreadPriority
ReleaseSemaphore
MoveFileExA
SetThreadAffinityMask
EndUpdateResourceA
ReadDirectoryChangesW
EnumDateFormatsW
ExitProcess

user32

GetClassInfoExA
UnregisterClassW
ScreenToClient
SetTimer
GetParent
DrawTextA
TranslateMessage
GetWindowWord
IsDlgButtonChecked
ActivateKeyboardLayout
GetActiveWindow
MapVirtualKeyW
SendMessageTimeoutW
EnumWindows
PostQuitMessage

gdi32

IntersectClipRect

comdlg32

ChooseColorA
CommDlgExtendedError

advapi32

IsTextUnicode
CryptGenRandom

shell32

SHLoadInProc
SHChangeNotify
SHAddToRecentDocs
ShellExecuteA
ExtractIconA
SHGetDesktopFolder

ole32

CreateOleAdviseHolder
CoReleaseMarshalData
StgOpenStorage
CoResumeClassObjects
CoFreeAllLibraries

oleaut32

SetErrorInfo
SafeArrayGetElement
VariantChangeType
SysAllocStringLen
SafeArrayUnaccessData
VariantCopy
SysFreeString

comctl32

ImageList_BeginDrag
ImageList_GetBkColor
ImageList_Replace
ImageList_SetDragCursorImage

shlwapi

AssocQueryStringW
PathIsPrefixW
AssocCreate
SHSetValueA
PathRemoveBackslashA
SHGetValueA
StrDupA
PathCombineA
StrCmpW
PathUndecorateW
UrlIsW
PathIsURLW
StrTrimW
PathIsFileSpecW
UrlGetPartA
StrRetToStrW
PathIsUNCA
StrRChrA

msvcrt

_umask
iswxdigit
_fstat
_isatty
_itow
_mbsncmp
_dup2
_isctype
setlocale
wprintf
fwprintf
vwprintf
_spawnvp
fopen
_get_osfhandle
_mkdir
_wctime
setvbuf
wcscmp
_waccess
_wfsopen
_getcwd
_fdopen
wcsftime
strchr
sprintf
realloc
_getmbcp
wcstol
isleadbyte
fgetc
_cexit
_ultoa
_wspawnv

Sections

.text
Size: 4KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db3ba7bdaf6e9b811c7509ee4e198c23

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 6.4MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 6.4MB - Virtual size: 6.4MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 4KB - Virtual size: 6.4MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 6.4MB - Virtual size: 6.4MB

.rsrc
Size: 68KB - Virtual size: 66KB