08e512f97db56895a93b1b98502f1332_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08e512f97db56895a93b1b98502f1332_JaffaCakes118
Size

276KB
MD5

08e512f97db56895a93b1b98502f1332
SHA1

389316101d6af359a5409bf52dbb7c74b182603f
SHA256

b189389b1eecc61c4c7a698b1744f9ff8704e259817e0ad19a735b0f91e823c3
SHA512

b3c337e61fe3d61509f025b269c864802be01666fbfe5a4a860fb461bdb05980140ab6f362fec0aba4a80288bb5bf00773619a81c346582c98f7263e510e346f
SSDEEP

6144:QPEXpHxvGZXPfIYpyMi76cMjDkY6RLr1kIkqjIpP/Q/Oz64BXq5H:EiQnpyc6RHWJcAnIQ64BXq5H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08e512f97db56895a93b1b98502f1332_JaffaCakes118

Files

08e512f97db56895a93b1b98502f1332_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4a4213a893fcc0dda7154fa1c48f33d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
memmove
_access
mktime
gmtime
strchr
__set_app_type
_except_handler3
_adjust_fdiv
__p__fmode
__p__commode
__getmainargs
__setusermatherr
_initterm
_exit
_acmdln
_XcptFilter
exit
_onexit
__dllonexit
strcspn
_chdir
strncpy
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_strupr
_chmod
_strnicmp
_ltoa
_stricmp
_strlwr
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
atoi
memset
printf
strcpy
memchr
??2@YAPAXI@Z
__CxxFrameHandler
abs
memcpy
strlen
_itoa
atol
strcat
sprintf
isdigit
strstr
rand
srand
free
malloc
time
_chdrive
_ftol
strcmp
memcmp

wsock32

shutdown
WSAGetLastError
WSAAsyncSelect
recv
send
select
WSAStartup
closesocket
connect
ioctlsocket
WSACleanup
htons
gethostbyname
socket

kernel32

MultiByteToWideChar
lstrlenA
GetFileSize
FreeResource
GetVersionExA
OpenProcess
TerminateProcess
InterlockedDecrement
LocalAlloc
InterlockedExchange
GetCurrentProcess
GetStartupInfoA
CopyFileA
WritePrivateProfileStringA
GetLastError
lstrcmpiA
GetWindowsDirectoryA
WaitForSingleObject
CreateEventA
FormatMessageA
LocalFree
RaiseException
GetTempFileNameA
DeleteFileA
GetModuleFileNameA
GetFileTime
FileTimeToSystemTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
GetModuleHandleA
GetTickCount
SizeofResource
RemoveDirectoryA
CloseHandle
WriteFile
CreateFileA
ReadFile
WinExec
GetTempPathA
LockResource
LoadResource
LoadLibraryA
FindResourceA
FreeLibrary
GetProcAddress
OutputDebugStringA
GetSystemDirectoryA
CreateDirectoryA
Sleep

user32

TrackPopupMenuEx
EnableMenuItem
DestroyMenu
LoadCursorA
RegisterClassExA
SetFocus
CheckMenuItem
DeleteMenu
FindWindowA
GetDesktopWindow
CreateDialogParamA
MessageBoxA
GetDlgCtrlID
SetDlgItemTextA
LoadIconA
SetWindowPos
EnableWindow
GetDlgItem
GetMessageA
MoveWindow
SetWindowTextA
DestroyIcon
SetForegroundWindow
DialogBoxParamA
IsWindowVisible
EndDialog
DestroyWindow
LoadStringA
PeekMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
DefWindowProcA
CreateWindowExA
SendMessageA
GetParent
GetDC
GetClientRect
BeginPaint
EndPaint
InvalidateRect
SetWindowLongA
IsWindow
GetWindowLongA
CallWindowProcA
LoadImageA
GetActiveWindow
GetCursorPos
GetAsyncKeyState
LoadMenuA
ShowWindow
GetSubMenu
SetTimer
ScreenToClient
IsIconic
GetWindowRect
PostMessageA
ReleaseDC
KillTimer
GetWindowThreadProcessId

gdi32

SetBkColor
CreatePalette
SelectPalette
CreateSolidBrush
SetTextColor
StretchBlt
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
RealizePalette
GetObjectA
CreateFontA
GetDIBColorTable

advapi32

LookupPrivilegeValueA
RegCreateKeyExA
RegConnectRegistryA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA
RegEnumKeyExA
AdjustTokenPrivileges
OpenProcessToken

shell32

Shell_NotifyIconA
ShellExecuteA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetGetConnectedState

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

SysAllocString
VariantClear
SysFreeString

Sections

s1
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s2
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s3
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4a4213a893fcc0dda7154fa1c48f33d

Headers

File Characteristics

Imports

msvcrt

wsock32

kernel32

user32

gdi32

advapi32

shell32

urlmon

version

wininet

ole32

oleaut32

Sections

s1 Size: 148KB - Virtual size: 148KB

s2 Size: 120KB - Virtual size: 120KB

s3 Size: 4KB - Virtual size: 4KB

s1
Size: 148KB - Virtual size: 148KB

s2
Size: 120KB - Virtual size: 120KB

s3
Size: 4KB - Virtual size: 4KB