3f3a905af1166b12d765bd97cfa1f93e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f3a905af1166b12d765bd97cfa1f93e_JaffaCakes118
Size

10KB
MD5

3f3a905af1166b12d765bd97cfa1f93e
SHA1

4c9b009d0605c036dad1f4e7fddb483590263940
SHA256

ef0e11e795d0b1c3afe2432e11c12c32c62267169d1fdd4204f7cde37a7bea93
SHA512

ea3b24d247fdc88021be5619c07f0689a2314a8990150adc85c8c7b1936f4e5deb37d003a8e4fde266086bd415749428b5f442d0c8abf0f1f1223bbde9086c8f
SSDEEP

192:tuwO610YiVi1hCnQNgq0C3PZgSvzJQhbjpBS1mbDAVlDR:tP10pV0Cnphshgt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f3a905af1166b12d765bd97cfa1f93e_JaffaCakes118

Files

3f3a905af1166b12d765bd97cfa1f93e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3c2875d482672d1b61687358b49d737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateThread
CreateMutexA
GetTempPathA
Sleep
WinExec
GetWindowsDirectoryA
FreeLibrary
GetSystemDirectoryA
lstrcmpiA
SetFileAttributesA
DeleteFileA
lstrcatA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetCurrentProcess
GetModuleFileNameA

urlmon

URLDownloadToCacheFileA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

wininet

DeleteUrlCacheEntry

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

msvcrt

strcat
_itoa
_onexit
memcpy
memset
malloc
strchr
strlen
strcpy
sprintf
_stricmp
__CxxFrameHandler
atoi
fread
fclose
fwrite
fopen
__dllonexit

Sections

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d3c2875d482672d1b61687358b49d737

Headers

File Characteristics

Imports

kernel32

urlmon

advapi32

wininet

msvcp60

msvcrt

Sections

.data Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 8B

.data
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 8B