42e8d2966b322416cf90515889364300_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42e8d2966b322416cf90515889364300_JaffaCakes118
Size

28KB
MD5

42e8d2966b322416cf90515889364300
SHA1

3cf3a8e9b50adb5697d43d301d6a9609c799eccd
SHA256

1e23605587392ea876d2ce24968f7adcc0063611ade842b8d8abeb485ff36c65
SHA512

dabfc4a719970ab8697d3e8fa8e6c525614045db56fd059ec2ee5f5468a75b284b270774cbd77a6492c7dce58582f7ec22dea1fbb9a662f03e33af61a222a21b
SSDEEP

384:i1kxF0dNGVmak4eDOHksDiZfVoioqyS62VX2HAdXTHJGHhyQQId1/VXtk48:i1knaOHk0idVqT6XTHJYdQId1PZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e8d2966b322416cf90515889364300_JaffaCakes118

Files

42e8d2966b322416cf90515889364300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b46e70c921de7d7741c17e26f2a7bb71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
HeapDestroy
GetProcessHeap
HeapDestroy
VirtualAlloc
GetCurrentProcess
Sleep
LocalAlloc
VirtualProtect
GetSystemTimeAsFileTime
LoadLibraryA
HeapFree
lstrcmpiW
LocalFree
InterlockedDecrement
LeaveCriticalSection
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetModuleHandleW
LoadLibraryA
GetModuleHandleA
SetLastError
FreeLibrary
FreeLibrary
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
LoadLibraryW
GetCurrentThreadId
InterlockedExchange
lstrcmpiW
CreateThread
InterlockedCompareExchange
GetSystemTimeAsFileTime
CreateEventW
VirtualProtect
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
InitializeCriticalSection
LocalAlloc
VirtualProtect
EnterCriticalSection
VirtualAlloc
SetLastError
HeapDestroy
VirtualAlloc
GetModuleFileNameA
CreateEventW
SetLastError
GetModuleFileNameA
LoadLibraryW
InterlockedExchange
InterlockedDecrement
CreateThread
GetLastError
GetTickCount

gdi32

SetWindowOrgEx
CreateFontA
Rectangle
GetCurrentObject
GetBkColor
GetBkMode
SetTextColor
CombineRgn
SetBrushOrgEx
SelectObject
GetBkMode
GetWindowExtEx
Ellipse
LineTo
BitBlt
SetBkMode
PatBlt
CreateSolidBrush
BitBlt
CreateDIBitmap
SetBkMode
GetBkColor
CreateSolidBrush
SetWindowExtEx
SetBkMode
Rectangle
SetBkMode
GetBrushOrgEx
MoveToEx
Ellipse
StretchBlt
SetPixel
GetBkMode
CreateSolidBrush
GetBrushOrgEx
CreateRectRgn
GetBkMode
MoveToEx
BitBlt
PatBlt
CreatePen
GetCurrentObject
CreateSolidBrush
CreateDIBitmap
BitBlt
GetPixel
CreateBitmapIndirect
GetBkColor
CreatePen
SetBkMode
GetCurrentObject
SetWindowExtEx
CreateFontIndirectA
Rectangle
SetWindowOrgEx
GetPixel
GetCurrentObject
CreateCompatibleDC
CreateRectRgn
Polygon

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b46e70c921de7d7741c17e26f2a7bb71

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB