42800d6e58afa01acb3da367889657fa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42800d6e58afa01acb3da367889657fa_JaffaCakes118
Size

616KB
MD5

42800d6e58afa01acb3da367889657fa
SHA1

aa78d4be8f850a94b9bf3e8eb0d40ab144f64db3
SHA256

19b2bb72fc200ad67fa6850d84b1290ed3cbb624934b93fedb2b2eccd120a399
SHA512

5e4d177dec9928a8a83c5586c1c4d2a31b69bf3ec1bdf9b923d5af5a23795e284ec77cc28dbe57aec2c15fea87ca12dd29ebe0fa94b430e8f29e06029bfab3de
SSDEEP

12288:4wAMmytywu3xgBQXDYxR1oUpF0wNKyLMbqcorAvcEzbAohW6TZ5Q:4qbuKTDGwXM2cmSbhLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42800d6e58afa01acb3da367889657fa_JaffaCakes118

Files

42800d6e58afa01acb3da367889657fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41f75ae08f374872d6356db62beb994e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\u

Imports

oleaut32

LoadTypeLi

advapi32

OpenProcessToken
RegDeleteKeyW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegSetValueExW
SetFileSecurityW
RegOpenKeyExW
RegSetValueW
RegEnumKeyW
RegCreateKeyW
RegQueryValueW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegOpenKeyW
GetFileSecurityW
GetUserNameW
RegCreateKeyExW
RegEnumKeyExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

kernel32

InterlockedIncrement
GetDateFormatA
GetFileType
CloseHandle
SetFilePointer
InterlockedDecrement
EnterCriticalSection
GetTimeZoneInformation
GetConsoleOutputCP
GetStartupInfoA
GetProcAddress
GetSystemTimeAsFileTime
SetHandleCount
GetLastError
DeleteCriticalSection
LCMapStringA
GetACP
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoA
UnhandledExceptionFilter
SetStdHandle
LoadLibraryA
GetConsoleMode
WriteConsoleW
WriteConsoleA
CompareStringA
VirtualAlloc
FreeEnvironmentStringsW
VirtualFree
GetConsoleCP
HeapDestroy
WaitForSingleObject
LCMapStringW
HeapValidate
SetEnvironmentVariableA
MultiByteToWideChar
HeapCreate
LocalFree
HeapFree
TlsFree
CreateMutexW
GetEnvironmentStringsW
GetCurrentProcessId
GetTimeFormatA
SetLastError
SetUnhandledExceptionFilter
GetCurrentProcess
GetOEMCP
ReadFile
TlsGetValue
ExitProcess
InterlockedExchange
OutputDebugStringA
IsDebuggerPresent
QueryPerformanceCounter
RaiseException
IsValidCodePage
LoadLibraryW
GetModuleFileNameA
WriteFile
HeapReAlloc
GetTickCount
DebugBreak
HeapSize
OutputDebugStringW
LeaveCriticalSection
GetCommandLineW
CreateFileA
VirtualQuery
GetStdHandle
GetModuleFileNameW
GetStringTypeW
GetModuleHandleA
HeapAlloc
TlsAlloc
GetCurrentThreadId
GetCPInfo
CompareStringW
RtlUnwind
GetStringTypeA
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
WideCharToMultiByte
GetModuleHandleW
TlsSetValue
IsBadReadPtr
Sleep

ole32

OleIsCurrentClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoCreateInstance
CoDisconnectObject
OleCreateFromData
WriteClassStm

shell32

ExtractIconA
ShellExecuteA
ord155

winspool.drv

ord204
ClosePrinter

gdi32

OffsetViewportOrgEx
GetCurrentObject
DeleteObject
FillPath
SelectClipRgn

user32

GetScrollInfo
RegisterClassW
GetCapture
DestroyCursor
DrawTextW
CreateWindowExW
SetRect
GetParent
TranslateMessage
PostQuitMessage
wsprintfW
GetAncestor
IsWindow
CopyImage
LoadBitmapW
DestroyWindow
GetScrollPos
GetPropW
GetMenuStringW
EndDialog
DispatchMessageW
LoadMenuW
GetKeyState
GetWindowLongW
GetFocus
DrawFocusRect
WindowFromPoint
DestroyMenu
RemovePropW
DrawStateW
UnionRect
BeginDeferWindowPos
OffsetRect
LoadAcceleratorsW
TrackMouseEvent
CreateMenu
PostMessageW
ReleaseDC
BringWindowToTop
SetCursorPos
SetWindowsHookExW
GetClientRect
RegisterClassExW
GetForegroundWindow
GetWindowRect
CallWindowProcW
RegisterClipboardFormatW
GetActiveWindow
SetPropW
MapDialogRect
MessageBeep
GetAsyncKeyState
RedrawWindow
IsWindowEnabled
SubtractRect
ShowWindow
GetSysColor
TrackPopupMenu
GetDlgCtrlID
DrawIcon
SetWindowLongW
EqualRect
GetWindowThreadProcessId
EnableScrollBar
IsClipboardFormatAvailable
SetActiveWindow
TranslateMDISysAccel
PostThreadMessageW
DrawTextExW
GetClassInfoW
SetScrollPos
SystemParametersInfoA
SetScrollInfo
GetWindowPlacement
IsRectEmpty
SetForegroundWindow
OpenClipboard
EnableWindow
GetClassInfoExW
ValidateRect
GetNextDlgTabItem
IntersectRect
GetMenuItemCount
SetMenuItemInfoW
SetParent
GetIconInfo
EndDeferWindowPos
SetWindowRgn
EnumChildWindows
SendDlgItemMessageW
SetClassLongW
InsertMenuW
DrawIconEx
FrameRect
InvalidateRect
EnableMenuItem
SetTimer
GetClassNameW
GetWindowTextLengthW
UpdateWindow
CallNextHookEx
DefMDIChildProcW
DestroyAcceleratorTable
UnpackDDElParam
ScreenToClient
SetMenu
DefWindowProcW
MessageBoxW
CloseClipboard
IsIconic
RegisterWindowMessageW
IsMenu
LoadCursorW
GetCursorPos
InflateRect
DrawFrameControl
GetWindowTextW
DeferWindowPos
ClientToScreen
SetClipboardData
SetWindowPos
GetMessageW
FillRect
GetSystemMetrics
GetDesktopWindow
GetDC
SendMessageW
LockWindowUpdate
GetDlgItem
AdjustWindowRectEx
GetMenuState
InsertMenuItemW
PeekMessageW
ShowOwnedPopups
BeginPaint
TranslateAcceleratorW
GetLastActivePopup
ReleaseCapture
SetCapture
SystemParametersInfoW
SetWindowTextW
UnhookWindowsHookEx
MoveWindow
DeleteMenu
DestroyIcon
GetDCEx
SetCursor
KillTimer
DrawMenuBar
GetUpdateRect
GetWindow
GetMenuItemID
GetSubMenu
EndPaint
SetMenuItemBitmaps
SetFocus
CopyRect
GetSystemMenu
WaitMessage
SetWindowPlacement
IsWindowVisible
MapWindowPoints
CreatePopupMenu
DefFrameProcW
IsZoomed
LoadIconW
GetSysColorBrush
SetDlgItemInt
CharUpperW
SetMenuDefaultItem
CheckMenuItem
GetWindowDC

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41f75ae08f374872d6356db62beb994e

Headers

File Characteristics

PDB Paths

Imports

oleaut32

advapi32

version

kernel32

ole32

shell32

winspool.drv

gdi32

user32

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 72KB - Virtual size: 92KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 72KB - Virtual size: 92KB

.rsrc
Size: 28KB - Virtual size: 24KB