472df2b4a12313b8b3ac531562c5bb49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

472df2b4a12313b8b3ac531562c5bb49_JaffaCakes118
Size

149KB
MD5

472df2b4a12313b8b3ac531562c5bb49
SHA1

ca11ddd06ee183becc04053232e8885521adf6ab
SHA256

d03260507c993eee602d523cdf52419c0edfff8200fc77fb0b1c3bc6333532c5
SHA512

75a3062364d48555a51310a3ee1d01fa3d75c18c30fba70decd490e978a6fa197fee8ebadd40a80c394629a4f6d16b772a8ee006b7f689b36a621bf2b2f3240d
SSDEEP

1536:9o3D4UZiKn1QHNYetLkrzQbi8lRP+/K5WJDdNXFokMxvqZ11x:C3DDMy1CkrzGdlR2EWRdNXFokMxvi5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
472df2b4a12313b8b3ac531562c5bb49_JaffaCakes118

Files

472df2b4a12313b8b3ac531562c5bb49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f819206817d59e569f13bac03a1a762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegNotifyChangeKeyValue
RegDeleteKeyA
RegEnumKeyA

gdi32

GetStockObject

wininet

InternetReadFile
InternetTimeToSystemTime
InternetCloseHandle
HttpQueryInfoA
InternetErrorDlg
InternetTimeFromSystemTime
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
HttpOpenRequestA

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

lstrlenW
GetEnvironmentVariableA
LocalFree
GetStartupInfoA
GetModuleHandleA
GetThreadLocale
GetSystemInfo
FreeLibrary
lstrcpynA
WideCharToMultiByte
MultiByteToWideChar
GetTempPathA
SetFilePointer
WriteFile
GetLastError
CloseHandle
lstrcatA
lstrcpyA
WaitForSingleObject
InterlockedIncrement
CreateEventA
WaitForMultipleObjects
lstrlenA
GetModuleFileNameA
CreateMutexA
GetCommandLineA
InterlockedDecrement
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateFileA
DeleteFileA
GetCurrentProcess
GetProcAddress
LoadLibraryA
SetEvent
lstrcmpA
CreateThread
ReadFile
CreateProcessA
SetHandleInformation
CreatePipe
Sleep
ResetEvent
GetTickCount
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
CompareFileTime
SystemTimeToFileTime
GetSystemTime
GetVersionExA

user32

MsgWaitForMultipleObjects
GetWindowLongA
DefWindowProcA
PostQuitMessage
CreatePopupMenu
AppendMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
RegisterClassA
CreateWindowExA
ShowWindow
SetWindowLongA
LoadImageA
DestroyWindow
LoadStringA
MessageBoxA
GetDesktopWindow
wsprintfA

ole32

CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemFree
StringFromCLSID

msvcrt

__p__commode
__p__fmode
_controlfp
__set_app_type
_XcptFilter
_strdup
_initterm
__getmainargs
_ftol
_strcmpi
_stricmp
_exit
iswspace
isspace
sprintf
strncmp
malloc
free
sscanf
rand
strtol
srand
strncat
??2@YAPAXI@Z
time
_purecall
_except_handler3
strstr
strncpy
strrchr
asctime
_EH_prolog
__CxxFrameHandler
_adjust_fdiv
__setusermatherr
localtime
_acmdln
exit
mktime
??3@YAXPAX@Z

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f819206817d59e569f13bac03a1a762

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

shell32

kernel32

user32

ole32

msvcrt

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 9KB

.drdata Size: 76KB - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 9KB

.drdata
Size: 76KB - Virtual size: 76KB