04d0bee53036ef5edf053f19611d50b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04d0bee53036ef5edf053f19611d50b6_JaffaCakes118
Size

19KB
MD5

04d0bee53036ef5edf053f19611d50b6
SHA1

1ebf2bdb8f2dc83d361387c4d0423980f9f37359
SHA256

a4079840d446dcdcaea4e18f359e98ef75a985158a9077cc02f834e786ff05e7
SHA512

7f36b04c45f632d5545cb6f0ddbce3a205a706583ef889801c588b52660670c76a4c4a97172223799c6a71b4238f3fcf1f070118f40050f6cf7e2f28e8fdb64a
SSDEEP

384:BcS4ElmelVfkZghIrDB4gXmboN4zjgjZBLStyHKzRCNS:BcfGlV8Z08DDXGjzh6KN8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d0bee53036ef5edf053f19611d50b6_JaffaCakes118

Files

04d0bee53036ef5edf053f19611d50b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9853762b9191a167b9a9628619fe6978

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetLocalTime
GetTickCount
GetVersionExA
GetSystemDirectoryA
DeviceIoControl
lstrcpyA
Sleep
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
MapViewOfFile
UnmapViewOfFile
ExitProcess
DeleteFileA
WinExec
GetLastError
ReleaseMutex
CloseHandle
CreateFileA
CreateMutexA
GetProcessHeap
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc

advapi32

SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetSecurityInfo

msvcrt

strcpy
strcat
sprintf
fopen
memset
fputs
freopen
fclose
isdigit
strlen
vsprintf
atoi
__CxxFrameHandler
fgets
_itoa

msvcp60

?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

iphlpapi

GetAdaptersInfo

rpcrt4

UuidCreate

urlmon

URLDownloadToFileA

Sections

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9853762b9191a167b9a9628619fe6978

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

iphlpapi

rpcrt4

urlmon

Sections

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 13KB - Virtual size: 13KB