07486ca7748cd2622166acc62254a517_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07486ca7748cd2622166acc62254a517_JaffaCakes118
Size

31KB
MD5

07486ca7748cd2622166acc62254a517
SHA1

b55a126051bc3261acf087a8d59cbef4273bce44
SHA256

f478f69f91f1cacd708a578e95116d2c275bd2eca16b5f7d001cad739e5ecda7
SHA512

a70d1f7faca066468ee4d2d95bbb21c366840f5c9826768ff241b5e8995b8482f0f9cfaf1efed07baea3c46a6cdae38656cd1ec1b16aa0d9a87cce2bc64267f2
SSDEEP

384:MPwIKPADk2CfsUQBA9IRnCU/V1apF5wTj6dydtLf/AuPKYR9D1xNZ:MYIKPAY2CfsJm9IRHjAuPKYtxNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07486ca7748cd2622166acc62254a517_JaffaCakes118

Files

07486ca7748cd2622166acc62254a517_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70a697a1b5b863a8d024c143797a7b26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
GetModuleFileNameA
ExpandEnvironmentStringsA
GetModuleHandleA
GetLastError
CopyFileA
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
GetTempPathA
CloseHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
LoadLibraryA
CreateFileA
CreateMutexA
GetVersionExA
GetComputerNameA
GetLocaleInfoA
TerminateThread
WaitForSingleObject
lstrlenA
WriteFile
CreateDirectoryA
lstrcatA
GetDriveTypeA
GetLogicalDriveStringsA
GetStartupInfoA
ExitThread
GetTickCount
Sleep
ExitProcess
GetFileTime
CreateThread

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

shell32

SHGetSpecialFolderPathA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

ws2_32

getsockname
inet_addr
closesocket
recv
WSACleanup
select
send
htons
socket
connect
WSAStartup
gethostbyname

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetConnectA
HttpSendRequestA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
HttpOpenRequestA

msvcrt

sprintf
srand
strstr
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
strtok
atoi
exit
_XcptFilter
_exit
rand
time
strchr
localtime
free
__CxxFrameHandler
_snprintf
strncpy
memmove
strncmp
malloc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70a697a1b5b863a8d024c143797a7b26

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcp60

ws2_32

shlwapi

wininet

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 740B

.data Size: 3KB - Virtual size: 7KB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 740B

.data
Size: 3KB - Virtual size: 7KB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB