006f8bb0a18304e91d369da1f927b6d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

006f8bb0a18304e91d369da1f927b6d9_JaffaCakes118
Size

48KB
MD5

006f8bb0a18304e91d369da1f927b6d9
SHA1

f40670d63de09f520e07986c4faab982996ab296
SHA256

bbb413d1aaa06e3f3fb964777b280d1b914f19a4597bd1ffe07c3e9bef766ca2
SHA512

862ad13a86a2638ffceb300a6902e571c63abbb743936794fc719de7d9919c55205546bda3f5d7a791b663198138d8eccfb28edfecc64d068e58cf5f425b3b3e
SSDEEP

768:qox13msjD9GFBcMu4kb2sU7ILvdiROjZuoExjKJ0zEus+yC9sWT6uY:q897dMyb2IiRCakFuTx9sWT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
006f8bb0a18304e91d369da1f927b6d9_JaffaCakes118

Files

006f8bb0a18304e91d369da1f927b6d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82ba85e52688360b7f98aa5ad644f8ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CloseHandle
DeviceIoControl
lstrcatA
GetSystemDirectoryA
GetVolumeInformationA
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
IsBadWritePtr
GetComputerNameA
WriteFile
lstrlenA
GetVersionExA
GetTempPathA
CreateProcessA

user32

wsprintfA
GetDlgItem

shell32

SHChangeNotify
ShellExecuteExA

msvcrt

rand
??3@YAXPAX@Z
__CxxFrameHandler
_snprintf
srand
time
strncat
atoi
_except_handler3
strncpy
_strdup
sprintf

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

82ba85e52688360b7f98aa5ad644f8ca

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvcrt

msvcp60

wininet

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 34KB - Virtual size: 36KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 34KB - Virtual size: 36KB