005dbab5d1bb750c4a8617cc3b091d3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

005dbab5d1bb750c4a8617cc3b091d3e_JaffaCakes118
Size

237KB
MD5

005dbab5d1bb750c4a8617cc3b091d3e
SHA1

76f3d30725a3d3a8e6d552c23902f067aced6301
SHA256

3d2a6ce4f6562803073f3071d7f2dcbaed6c1e876dc538a1eced54132387c3ca
SHA512

ddbc996a44fb77239dcad8ffd85531e653e9688835d0f91518a64fe9c199053e6f10bbacb831c8cd809a4fe3aaede303becf1625c11529864459b4473cef26a7
SSDEEP

3072:IdTu9c71HnOeXU+HSkc+ju1og/DQxg64GmBjfWgwTq/lHLcev:IdTuqxOkUOru1og/mf4ZBfWYHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
005dbab5d1bb750c4a8617cc3b091d3e_JaffaCakes118

Files

005dbab5d1bb750c4a8617cc3b091d3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dcb0b6bb9c424dfc44a1dbbf464cdcf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CreateThread
GetLastError
CreateMutexA
GetTempPathA
GetSystemDirectoryA
Sleep
DeleteFileA
WaitForSingleObject
lstrcatA
GetLocalTime
GetCurrentProcess
WinExec
GetModuleFileNameA
OutputDebugStringA

user32

SetDlgItemTextA
SendDlgItemMessageA
UpdateWindow
ShowWindow
GetWindowLongA
FindWindowA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

wininet

InternetGetConnectedState
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

winmm

timeGetTime

msvcp60

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

shell32

ShellExecuteA

msvcrt

memcpy
_onexit
__dllonexit
fseek
ftell
strcmp
fread
atoi
__CxxFrameHandler
strrchr
_stricmp
fopen
fwrite
fflush
fclose
strcat
sprintf
strcpy
strlen
strchr
malloc
memset

Sections

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4dcb0b6bb9c424dfc44a1dbbf464cdcf

Headers

File Characteristics

Imports

kernel32

user32

urlmon

advapi32

wininet

winmm

msvcp60

shell32

msvcrt

Sections

.data Size: 11KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 8B

.data
Size: 11KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 8B