42da3aa1f5d5bbc811966b7062708cbd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42da3aa1f5d5bbc811966b7062708cbd_JaffaCakes118
Size

2.0MB
MD5

42da3aa1f5d5bbc811966b7062708cbd
SHA1

480110d382858dc0fa6e471698549ce3eb021c58
SHA256

f30925e9d57535b609b7d438df50fce638d62a485c9ff8f6e824640cbf2bdb0c
SHA512

3d5c75dee894a23fca263660f44ff97cca2c1dab9b77e05962dc035ebc551947e358c9ffbc1096a23c2f1d6974690656295d05ec8a390ac36865b28bca97ab43
SSDEEP

6144:BjDBFLs9e4I7EbzMQc4xfLfd4sNlUiWYzEOb7aMpYzX4cpr:FlFw9LC4xfLllUiWY4iY8kr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42da3aa1f5d5bbc811966b7062708cbd_JaffaCakes118

Files

42da3aa1f5d5bbc811966b7062708cbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

167a26bdd38b3a97405b6d58dacdbb52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
lstrcmpiW
LoadLibraryW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetCommandLineW
LockResource
OpenMutexW
CloseHandle
VirtualAlloc
VirtualFree
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
RaiseException
RtlUnwind
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetStartupInfoW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapReAlloc
HeapSize
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA

user32

CharNextW
DefWindowProcW
DestroyWindow

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167a26bdd38b3a97405b6d58dacdbb52

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 219KB - Virtual size: 219KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 219KB - Virtual size: 219KB