401b9e010f2df825ce6a6717e2515c91_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

401b9e010f2df825ce6a6717e2515c91_JaffaCakes118
Size

52KB
MD5

401b9e010f2df825ce6a6717e2515c91
SHA1

0740a80b4deabebd3d98a54ee9ca079a05f76272
SHA256

ba7c5e09f17c729170d2ec0be8a7f6dddc54f814a9a9a82bdb8e681f61fc2261
SHA512

b1e0e348648ba5c3ee7322b1ef46a5c6d954f2d1bf82ae5ef1e7ca17dc59a7c644b0e99fdc0b884d9b6d644cd491e4c2ea9677db53d3085897048146cfa72fda
SSDEEP

768:g6hZ6qWGckzOioJ9IJBjIDD5FnToIf1D+BR9TfTYzt:BZ6q8kyiW9I3qFnToIfe+t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
401b9e010f2df825ce6a6717e2515c91_JaffaCakes118

Files

401b9e010f2df825ce6a6717e2515c91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c85f2d2c5a173d879707a4d8fd45565b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
MoveFileA
GetCurrentProcess
WinExec
Process32Next
GetPriorityClass
OpenProcess
Module32First
Process32First
CreateToolhelp32Snapshot
TerminateProcess
lstrcpyA
GetFileSize
CreateFileA
WriteFile
DeleteFileA
GetTickCount
SetThreadPriority
GetCurrentThread
lstrcpynA
MoveFileExA
GetModuleFileNameA
WaitForSingleObject
CreateMutexA
GlobalMemoryStatus
GetVersionExA
GetComputerNameA
InterlockedExchange
GetCurrentThreadId
FindFirstFileA
FileTimeToLocalFileTime
GetModuleHandleA
FileTimeToSystemTime
GetLastError
FindNextFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
CreatePipe
CloseHandle
GetStartupInfoA
GetSystemDirectoryA
CreateProcessA
ReadFile
CreateThread
Sleep

user32

CloseDesktop
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetSystemMetrics
IsWindow
SendMessageA
CloseWindow
CreateWindowExA
wsprintfA
GetDesktopWindow
CloseWindowStation
SetCursorPos
keybd_event
ExitWindowsEx
mouse_event

gdi32

CreateCompatibleDC
GetDIBits
CreateCompatibleBitmap
BitBlt
CreateDCA
SelectObject
DeleteDC
DeleteObject

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteA
SHGetFileInfoA

msvcrt

_strlwr
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
malloc
free
__getmainargs
exit
_XcptFilter
_exit
strncat
sprintf
strncpy
??2@YAPAXI@Z
atoi
strcspn
strstr
??3@YAXPAX@Z
__CxxFrameHandler
_ftol

ws2_32

shutdown
closesocket
connect
socket
htons
WSAStartup
inet_addr
gethostbyname
inet_ntoa
recv
setsockopt
WSAIoctl
send

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c85f2d2c5a173d879707a4d8fd45565b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

ws2_32

avicap32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 1KB