1bca302cbd48a1d8fda1099bbecee558_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1bca302cbd48a1d8fda1099bbecee558_JaffaCakes118
Size

45KB
MD5

1bca302cbd48a1d8fda1099bbecee558
SHA1

e85aecdbcfe24a32eed26e04c6bed7a39c133ed7
SHA256

8a681bcc340c12df90fe8c6de61ae521d3c0878b4f296c13db84da760de2e85e
SHA512

eb73df6d0b0a164d6b6f13e31aa427d69f94905bfe2e586167944afebf6780303b7ec5c9d862b826dce515f17543a0b3d2224ae506a85e2422ea35aa142c8a28
SSDEEP

768:3U9srxfeUQaU3JbEXEM3uvgM3LuB9KLPEB0UjHR4FgFLO16:3P1Gf3yXEM3uYM3CB9KwB0QR4cLO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bca302cbd48a1d8fda1099bbecee558_JaffaCakes118

Files

1bca302cbd48a1d8fda1099bbecee558_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5286c84d4736db497ee8bad9866e8844

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
InitializeCriticalSection
lstrcatA
GetTempPathA
GetCommandLineA
GetSystemDirectoryA
lstrcmpA
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
CopyFileA
LeaveCriticalSection
CreateProcessA
GetLastError
CopyFileW
GetModuleFileNameW
MoveFileW
lstrcatW
lstrcpyW
GetProcAddress
LoadLibraryA
GetSystemDirectoryW
WaitForSingleObject
CreateMutexA
GetStartupInfoA
GetModuleHandleA
lstrcpyA
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
IsBadWritePtr
WriteFile
CloseHandle
Sleep
GetVolumeInformationA
CreateFileA
DeviceIoControl
GetVersionExA

user32

wsprintfA
LoadIconA
SetWindowPos
MessageBoxA
SetTimer
DispatchMessageA
TranslateMessage
IsWindow
IsDialogMessageA
GetMessageA
ShowWindow
CreateDialogParamA

advapi32

FreeSid
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey

shell32

ShellExecuteExA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
SHChangeNotify

ole32

CoCreateInstance
CoInitialize

oleaut32

SysAllocString

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

shlwapi

PathGetDriveNumberA

msvcrt

__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
_initterm
free
_except_handler3
strstr
atoi
strncat
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__dllonexit
strncpy
sprintf
_strdup

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5286c84d4736db497ee8bad9866e8844

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp60

shlwapi

msvcrt

wininet

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 25KB - Virtual size: 24KB