007f8c024c78455a337aa4e435d452c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

007f8c024c78455a337aa4e435d452c5_JaffaCakes118
Size

42KB
MD5

007f8c024c78455a337aa4e435d452c5
SHA1

99344775e976913336a36f93c48ad712b0cd4000
SHA256

2c136f5484690e12d106876dda7bec941cc1ae226ceea403a9173a815a0fb472
SHA512

22ca383ed07bbc36e3d422d0289324acb6116a3068d473f1861fcc7b49311a1e993fe7dd7157b20f33ea25001e864c318905ae95dcd895d8691ca9618ff3bf79
SSDEEP

768:QfLfJIReQr/Hxc5WTFf24ZoXnSbseb+9cXqBz/8T/tL6BhNlsfLfJIRe5:QfDJIRFrfxc+f2rOK2qeAB9sfDJIRo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007f8c024c78455a337aa4e435d452c5_JaffaCakes118

Files

007f8c024c78455a337aa4e435d452c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a09773eed72fdac2ae42d5c5d979581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

user32

BringWindowToTop
ShowWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
BlockInput
wsprintfA
CharLowerA
FindWindowExA
SendMessageA
IsWindow
FindWindowA
SetForegroundWindow
SetFocus
keybd_event
VkKeyScanA
GetWindowTextA
GetMenu
EnumWindows

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantInit

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc
GetLocaleInfoA
CreateMutexA
GetStartupInfoA
InterlockedDecrement
CopyFileA
CreateDirectoryA
GetVersionExA
FindClose
MultiByteToWideChar
GetWindowsDirectoryA
GetFileAttributesA
GetLogicalDriveStringsA
SetFileAttributesA
TerminateThread
GetDriveTypeA
FindFirstFileA
SetCurrentDirectoryA
GetFullPathNameA
lstrcatA
FindNextFileA
ReleaseMutex
GetFileSize
SetFilePointer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalFree
lstrlenA
lstrcpyA
lstrcmpA
ExitThread
Sleep
ExitProcess
GetTempPathA
GetLastError
CreateThread
lstrcmpiA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
CreateProcessA
CloseHandle
WriteFile
CreateFileA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrcpynA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strtok
_snprintf
strncpy
strstr
strlen
strcpy
strcmp
rand
sprintf
system
strchr
atoi
__CxxFrameHandler
_EH_prolog
srand
memset
memcpy
strcat
free
malloc
memcmp
_vsnprintf
??2@YAPAXI@Z
getenv

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

ws2_32

socket
WSACleanup
closesocket
sendto
htons
setsockopt
WSASocketA
WSAStartup
connect
ioctlsocket

urlmon

URLDownloadToFileA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1a09773eed72fdac2ae42d5c5d979581

Headers

File Characteristics

Imports

msvcp60

user32

ole32

oleaut32

kernel32

msvcrt

advapi32

ws2_32

urlmon

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 278KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 278KB