2c848cd5ee05de63593c21a2ce836b22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c848cd5ee05de63593c21a2ce836b22_JaffaCakes118
Size

496KB
MD5

2c848cd5ee05de63593c21a2ce836b22
SHA1

629d53e4235b8d29b1ffcdaab8f9610b863dea83
SHA256

d3d247a13b461b4d5b13cc0c8514d317152b1e5e0e46e74ca6e5c2f4baca4281
SHA512

15bbacc186041b2743d9ae81e6ab7884bcc9283254f3702bbe22ff1a10402927239dff55b6d3e74d3ec3c46ddd4a9b6961aaaf83d9e5955a44faf91d654789fb
SSDEEP

12288:OoQDJYcfKQ/vTQ7801Lv1nx2AdpG/Fnfl:edBDQ7/CAdpsnN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c848cd5ee05de63593c21a2ce836b22_JaffaCakes118

Files

2c848cd5ee05de63593c21a2ce836b22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7eb19ce0c76cc49c8e0a8ada509c237e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FlushConsoleInputBuffer
InterlockedExchange
InterlockedCompareExchange
ReleaseMutex
CreateMutexA
CreateThread
ExitThread
GetCurrentThreadId
GetCurrentThread
GetModuleFileNameA
GlobalAlloc
GlobalFree
SetConsoleCtrlHandler
GetModuleHandleA
GetProcAddress
AllocConsole
GetStdHandle
GetLastError
FormatMessageA
LocalFree
GetVersionExA
SetEvent
CreateEventA
WaitForSingleObject
CloseHandle
MoveFileA
GetFileAttributesA
CreateDirectoryA
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
FreeLibrary
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetSystemTimeAsFileTime
OutputDebugStringA
GetTickCount
GetDiskFreeSpaceExA
TerminateProcess

user32

MessageBoxIndirectA
CreateWindowExA
DefWindowProcA
DestroyWindow
RegisterClassA

shell32

SHGetFolderPathA

advapi32

RegQueryValueExA
CopySid
RegOpenKeyExA
RegCloseKey
IsValidSid
LookupAccountNameA
GetUserNameA
DeregisterEventSource
StartServiceA
RegDeleteValueA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegisterEventSourceA
ReportEventA
GetLengthSid

libcurl

curl_easy_setopt
curl_global_cleanup
curl_global_init
curl_easy_getinfo
curl_easy_perform
curl_easy_cleanup
curl_easy_init

zlibwapi

ord12
ord16
ord17

msvcr80

__iob_func
strstr
atoi
strrchr
strchr
_unlink
_splitpath
fclose
ftell
fseek
fopen
_vsnprintf
_localtime64
_time64
_mbscmp
_mbslen
fprintf
_open_osfhandle
setvbuf
printf
exit
_strdup
fread
feof
_write
_read
rename
_stricmp
fgets
memcpy
_errno
fwrite
realloc
calloc
fputc
vfprintf
_strlwr
_strupr
strpbrk
ferror
_fileno
getc
_gmtime64
isdigit
sprintf
memmove
isspace
iscntrl
tolower
memchr
strftime
__timezone
__daylight
_tzset
_pclose
_popen
_findfirst64i32
_findclose
_findnext64i32
strerror
getenv
fflush
_setmode
qsort
bsearch
abort
strcmp
_stat64i32
isupper
sscanf
isxdigit
fputs
signal
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_strnicmp
strncpy
strncmp
free
malloc
_utime64
_open
_close
_fstat64i32
memset
_snprintf
_chsize
_lseek
_chmod
_fdopen
_getch

Sections

.text
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eb19ce0c76cc49c8e0a8ada509c237e

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

libcurl

zlibwapi

msvcr80

Sections

.text Size: 336KB - Virtual size: 334KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 48KB - Virtual size: 58KB

.rsrc Size: 4KB - Virtual size: 428B

.text
Size: 336KB - Virtual size: 334KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 48KB - Virtual size: 58KB

.rsrc
Size: 4KB - Virtual size: 428B