Static task: static1
Behavioral task: behavioral1
  Sample: 842b9708b8629487d94bfb0414a9a1e9_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 842b9708b8629487d94bfb0414a9a1e9_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 842b9708b8629487d94bfb0414a9a1e9_JaffaCakes118
Size: 425KB
MD5: 842b9708b8629487d94bfb0414a9a1e9
SHA1: bdba4798b9ab4565c914a29cacc40de9176f5db7
SHA256: 07c5363b71068718be94846b563ab881d5190baccc9751fdc009eee0d000a1d8
SHA512: 5ccd31dea06e641ecdf26d729d0d3b6e24c0ee2d7ab1709059627c572e8d8ac835ed7b5677a30ec9d0b8fbe4867313eeb86be464f923c636530ea7c3f2c6356c
SSDEEP: 6144:NyhlIBehR8wS8SbHmHO0mGnZ+aZ4nYg2xGGLsfxyYbI3KWNkoALQsiqh:NolIBeD83NbcO0mMLZessbM3KAALQx6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 842b9708b8629487d94bfb0414a9a1e9_JaffaCakes118
Files
842b9708b8629487d94bfb0414a9a1e9_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  8edea81652b06bf604ed5e9e737dcc54
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetUserObjectInformationW
DdeUninitialize
DragDetect
DdeQueryConvInfo
GetMenu
SendNotifyMessageW
gdi32
DrawEscape
UpdateICMRegKeyW
GetBrushOrgEx
GetViewportExtEx
SaveDC
PlayEnhMetaFile
UnrealizeObject
FlattenPath
Rectangle
DeleteObject
SetMetaRgn
SetStretchBltMode
RestoreDC
SetRectRgn
EnumFontFamiliesW
GetViewportOrgEx
CreateEllipticRgn
GetMiterLimit
CreateDCW
SetColorSpace
CreateDIBitmap
GetPixel
shell32
SHInvokePrinterCommandW
SHQueryRecycleBinW
RealShellExecuteW
ShellExecuteA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
ShellExecuteEx
SheChangeDirExW
SHFileOperation
DragAcceptFiles
FindExecutableW
SHGetSpecialFolderPathW
ExtractAssociatedIconA
SHBrowseForFolderW
SheSetCurDrive
SHGetDataFromIDListA
wininet
FtpRemoveDirectoryW
ShowX509EncodedCertificate
ShowClientAuthCerts
InternetQueryDataAvailable
FindNextUrlCacheEntryExA
InternetConnectW
IncrementUrlCacheHeaderData
DeleteUrlCacheEntryA
FindNextUrlCacheEntryA
GetUrlCacheHeaderData
IsHostInProxyBypassList
InternetGetCookieA
kernel32
GetStartupInfoA
IsValidCodePage
GetLocaleInfoA
GetSystemTimeAsFileTime
GetModuleFileNameA
TlsFree
GetLocaleInfoW
Sleep
ExitProcess
WriteFile
GetStringTypeW
TlsGetValue
GetFileType
GetProcAddress
GetACP
SetLastError
LoadLibraryA
VirtualQuery
HeapDestroy
LCMapStringA
RtlUnwind
IsDebuggerPresent
HeapReAlloc
VirtualAlloc
GetCurrentThread
MultiByteToWideChar
GetStdHandle
HeapSize
GetCurrentThreadId
GetStringTypeA
CommConfigDialogA
GetProcessHeap
GetUserDefaultLCID
VirtualFree
GetVersionExA
FreeEnvironmentStringsA
InitializeCriticalSection
CompareStringW
IsValidLocale
GetOEMCP
UnhandledExceptionFilter
SetEnvironmentVariableA
TlsSetValue
GetTimeFormatA
GetCurrentProcessId
InterlockedExchange
GetTickCount
GetLastError
GetCPInfo
HeapCreate
EnterCriticalSection
CompareStringA
InterlockedDecrement
HeapAlloc
FreeLibrary
LCMapStringW
InterlockedIncrement
WideCharToMultiByte
GetModuleHandleA
LeaveCriticalSection
ReadConsoleInputW
FreeEnvironmentStringsW
HeapFree
GetTimeZoneInformation
GetCurrentProcess
EnumSystemLocalesA
QueryPerformanceCounter
SetConsoleCtrlHandler
DeleteCriticalSection
OutputDebugStringW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
GetCommandLineA
GetEnvironmentStrings
VirtualProtect
SetHandleCount
GetDateFormatA
advapi32
CryptAcquireContextW
CryptSetProviderExA
RegEnumKeyW
Sections
.text Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 276KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ