42c143c9f65cc4854f01e3727ceb6a58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42c143c9f65cc4854f01e3727ceb6a58_JaffaCakes118
Size

492KB
MD5

42c143c9f65cc4854f01e3727ceb6a58
SHA1

41d5c4cf38f7e6c1cf22ecbd3961956931873250
SHA256

c9b39eab536a2a23169d2e9a7af74def5fd31a7e76d2d6a70641594f2ace89e1
SHA512

e0fd18ef3ebfab76fcb022d0edd29f5cb47da6077fc18cc09a9c70c2ec3aa5c1ba41f023c6c9790ce9f305d805f1123dae4e1ba593930cbf46163fe92ecc210a
SSDEEP

12288:DVX9PmxlXqwPgO2oiAMUi24b11QzD8WYIPUZcG8j5Yi5HLoRt6b9:5X9OxdrPnMF2I1NXuG8111Iq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c143c9f65cc4854f01e3727ceb6a58_JaffaCakes118

Files

42c143c9f65cc4854f01e3727ceb6a58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b42bc47e5749efa02169065c994eab33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptGenKey
RegQueryInfoKeyW
CryptGetProvParam
RegEnumKeyW
RegCreateKeyA
RegReplaceKeyW
LookupAccountNameA
CryptGetKeyParam
CryptGetHashParam
CryptDecrypt
CryptExportKey
CryptSignHashW
RegEnumKeyExW
InitiateSystemShutdownA
RegEnumValueA

user32

SendInput
ValidateRgn
RemovePropA
SetPropW
SetForegroundWindow

shell32

SHUpdateRecycleBinIcon
SHGetDataFromIDListW
DragQueryFileAorW
SheSetCurDrive
SHFreeNameMappings
SHFileOperationA
FindExecutableW
SHGetSpecialFolderPathW
ExtractIconExW
SHInvokePrinterCommandA
InternalExtractIconListA
RealShellExecuteW
ExtractIconW
ShellAboutW
DragQueryFileW
ExtractAssociatedIconA
SHLoadInProc
DoEnvironmentSubstA
DragAcceptFiles

gdi32

PolyPolyline
CreateICA
SetDIBitsToDevice
GetGlyphOutlineW

kernel32

RemoveDirectoryA
TerminateProcess
GetLongPathNameW
RtlUnwind
GetDriveTypeA
VirtualFree
WideCharToMultiByte
GetFileType
LoadLibraryA
EnumSystemLocalesA
GetACP
InterlockedDecrement
GetTimeZoneInformation
InterlockedIncrement
IsValidLocale
IsValidCodePage
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
HeapReAlloc
ExitProcess
GetConsoleScreenBufferInfo
EnumDateFormatsExW
GetCurrentProcessId
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
QueryPerformanceCounter
GetLogicalDrives
GlobalAddAtomW
SetConsoleCtrlHandler
InitializeCriticalSection
GetCurrentThreadId
GetProcAddress
FreeEnvironmentStringsA
GetEnvironmentStringsW
OutputDebugStringA
FindNextFileW
CompareStringW
LCMapStringW
GetTickCount
GetCPInfo
LocalLock
SetCriticalSectionSpinCount
SetLastError
GetOEMCP
GetVersionExA
GetModuleHandleA
SetEnvironmentVariableA
DebugBreak
TlsSetValue
HeapValidate
IsBadWritePtr
HeapDestroy
VirtualAlloc
GetEnvironmentStrings
VirtualFreeEx
TlsFree
OpenSemaphoreA
HeapAlloc
InterlockedExchange
IsBadReadPtr
GetTimeFormatA
MultiByteToWideChar
SetStdHandle
SetHandleCount
GetStringTypeA
EnterCriticalSection
FreeEnvironmentStringsW
CompareStringA
TlsAlloc
VirtualQuery
LCMapStringA
GetStringTypeW
GetLastError
VirtualProtect
UnhandledExceptionFilter
OpenEventA
GetLocaleInfoW
DeleteCriticalSection
SetFilePointer
HeapFree
CloseHandle
GetSystemTimeAsFileTime
GetCurrentThread
WriteFile
TlsGetValue
HeapCreate
LeaveCriticalSection
GetSystemInfo
FlushFileBuffers
GetCurrentProcess

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b42bc47e5749efa02169065c994eab33

Headers

File Characteristics

Imports

advapi32

user32

shell32

gdi32

kernel32

Sections

.text Size: 162KB - Virtual size: 162KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 162KB - Virtual size: 162KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 11KB - Virtual size: 11KB