42f7492f8ee86f61c6214459c5f11a3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42f7492f8ee86f61c6214459c5f11a3b_JaffaCakes118
Size

1.3MB
MD5

42f7492f8ee86f61c6214459c5f11a3b
SHA1

9200d782c7ba30bd2dda62170525ca4446402f3b
SHA256

9aa36cc870b8e1662f7de73715d59e92ae06a07dca56ad799d4891e61f145b50
SHA512

7ba37115b99b2cabd413c7829b50a7758d1f08a5f3bcd069e5adcde07262b7df6269f4994a459417cb9fc2caa8c7be59c4157fc5989cbff95e2b0b9fba32e744
SSDEEP

24576:x43cMJRD1eB+PM5ac9UKmTj5Xr63z7EFY31BvnblVXpcMLJObgza7VqBfX:x43nD1dEMRKmfZ2z4OBPblV/LJOacmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42f7492f8ee86f61c6214459c5f11a3b_JaffaCakes118

Files

42f7492f8ee86f61c6214459c5f11a3b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

85084207fcb5aa775bed7bdb5ac7a431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetDevicePowerState
PeekConsoleInputA
GetDllDirectoryA
GetConsoleOutputCP
GetFileAttributesExA
GetModuleFileNameA
FindFirstVolumeMountPointA
GetProcessPriorityBoost
WriteConsoleOutputCharacterA
ReadConsoleOutputA
SetLocalPrimaryComputerNameA
GetCurrentThreadId
SetFileAttributesA
GetComputerNameA
QueueUserAPC
AllocConsole
OpenWaitableTimerA
GetFileTime
LocalFlags
TermsrvAppInstallMode
GetFullPathNameA
RequestDeviceWakeup
GetModuleHandleA
OpenMutexA
CommConfigDialogA
SetConsoleTitleA
WriteConsoleA
SetFirmwareEnvironmentVariableA
SetConsoleHardwareState
FlushConsoleInputBuffer
WriteConsoleOutputA
GetProcessShutdownParameters
UnlockFileEx
GetPrivateProfileSectionNamesA
CreateSocketHandle
OpenSemaphoreA
DeleteFileA
CreateFileA
DuplicateConsoleHandle
IsProcessorFeaturePresent
GetThreadSelectorEntry
CreateDirectoryExA
GetVolumePathNameA
WaitForSingleObjectEx
HeapCreate
QueryPerformanceCounter
TerminateJobObject
GetDriveTypeA
WriteConsoleOutputAttribute
SetConsoleInputExeNameA
GetSystemWindowsDirectoryA
VirtualAlloc
GetLogicalDriveStringsA
Module32First
WriteConsoleInputA
GetCurrentProcess
LCMapStringA
GetLocaleInfoA
EnumUILanguagesA
ShowConsoleCursor
GetModuleFileNameA
SetFileAttributesA
VirtualQuery
DefineDosDeviceA
HeapSize
IsBadWritePtr
BuildCommDCBAndTimeoutsA
SetDefaultCommConfigA
GetConsoleWindow
GetProcAddress
Process32First
GetProcessTimes
FindVolumeMountPointClose
GetConsoleKeyboardLayoutNameA
GetConsoleAliasesA
BeginUpdateResourceA
GlobalUnWire
GetComputerNameExA
GetUserDefaultLangID
CompareStringA
GetThreadPriorityBoost
FillConsoleOutputCharacterA
IsBadStringPtrA
GetProfileSectionA
ReplaceFile
GetWindowsDirectoryA
GlobalFix
QueryInformationJobObject
GetLogicalDriveStringsA
GetCurrentProcess
GetVolumePathNameA
SetThreadIdealProcessor
GetStringTypeExA
OpenThread
EnumSystemGeoID
GetProfileSectionA
TerminateJobObject
GetExitCodeProcess
GetFileSizeEx
GetFullPathNameA
GetCurrentProcessId
ClearCommBreak
RemoveDirectoryA
ExitProcess
SetConsoleActiveScreenBuffer
RemoveDirectoryA
WriteProfileSectionA
GlobalReAlloc
ClearCommError
FlushViewOfFile
GetVolumePathNameA
lstrcat
VirtualAllocEx
ReadConsoleOutputCharacterA
OpenEventA
GetConsoleCommandHistoryA
QueryMemoryResourceNotification
GetConsoleScreenBufferInfo
GetDiskFreeSpaceA
GetSystemDirectoryA
GetVersionExA
GetLocaleInfoA
EscapeCommFunction
ClearCommError
ResetEvent
CreateDirectoryExW
GetCommTimeouts
HeapSize
GetCurrentDirectoryA
GetProcessIoCounters
GetWriteWatch

ntdll

RtlGetLastWin32Error

user32

DestroyWindow

advapi32

AddAccessDeniedAceEx

Sections

.text
Size: 359KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 772KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 171KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85084207fcb5aa775bed7bdb5ac7a431

Headers

File Characteristics

Imports

kernel32

ntdll

user32

advapi32

Sections

.text Size: 359KB - Virtual size: 360KB

.idata Size: 772KB - Virtual size: 776KB

.rsrc Size: 32KB - Virtual size: 36KB

.text Size: 171KB - Virtual size: 172KB

.text
Size: 359KB - Virtual size: 360KB

.idata
Size: 772KB - Virtual size: 776KB

.rsrc
Size: 32KB - Virtual size: 36KB

.text
Size: 171KB - Virtual size: 172KB