447d8c17fa73d471db1a9df9dba23e3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

447d8c17fa73d471db1a9df9dba23e3e_JaffaCakes118
Size

38KB
MD5

447d8c17fa73d471db1a9df9dba23e3e
SHA1

f2bb2ad1c0975865801e6dc364bdbf6ac3961b0d
SHA256

dae21d7d93c425bd17a26e560cf35cea6387dd360737dae9b1c6175c743b4a0f
SHA512

5bed7ae03e71a3da1e331a8f95f7360b7025c6dff4b466812f7093556dcd714b0ec47871e0e005d8f0eeec34a2d8f6d41d41405891b3c9c0fa1a9c59184c9659
SSDEEP

768:Her264id/SSrDcn4x9o2Z0Uw66tzzDyDzP9WcAF9IZrUV:H426N/SSI0nGj1tvHcPZrU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
447d8c17fa73d471db1a9df9dba23e3e_JaffaCakes118

Files

447d8c17fa73d471db1a9df9dba23e3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84ccfe93c7fc1ea6c7d672e6f5727428

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
MoveFileA
SystemTimeToTzSpecificLocalTime
GetSystemTime
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
CreateDirectoryA
SetFileAttributesA
GetFileAttributesA
CreateThread
SetFileTime
GetFileTime
GetSystemDirectoryA
GetWindowsDirectoryA
WaitForSingleObject
OpenProcess
GetLastError
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
CopyFileA
MultiByteToWideChar
lstrcpyA
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
SetEvent
CreateEventA
FreeLibrary
ResetEvent
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateIoCompletionPort
SetLastError
PostQueuedCompletionStatus
SetThreadPriority
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
GetCurrentThread
OutputDebugStringA
lstrcatA
GetCurrentProcessId
Sleep
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetVolumeInformationA
CreateProcessA
GetThreadContext
ReadProcessMemory
GetModuleFileNameA
lstrcmpiA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
ReleaseMutex
ResumeThread
TerminateProcess
CreateFileA
CloseHandle
DeviceIoControl
VirtualAlloc
SetFilePointer
ReadFile
VirtualFree
CreateMutexA
WriteFile

user32

TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
PostMessageA
GetWindowThreadProcessId
EnumWindows
GetForegroundWindow
GetWindowTextA
DispatchMessageA
DestroyWindow
RegisterClassA
PostThreadMessageA
MessageBeep
PostQuitMessage
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
DefWindowProcA
SetTimer
IsWindow

gdi32

GetStockObject

advapi32

LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
GetUserNameA
RegQueryValueExA
RegOpenKeyA
CryptReleaseContext
CryptEncrypt
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptDestroyKey
CryptExportKey
CryptGetUserKey
CryptGenKey
CryptAcquireContextA
AdjustTokenPrivileges
OpenProcessToken

shell32

StrCmpNIA
StrStrIA
SHGetSpecialFolderPathA
StrRChrA

ole32

CoInitialize
CoCreateInstance

mfc42

ord924
ord5683
ord5710
ord825
ord823
ord561
ord815
ord800
ord2818
ord540
ord537
ord860
ord1575
ord539
ord939
ord941
ord535
ord3584
ord543
ord803
ord6307
ord521
ord858
ord3701
ord500
ord772
ord1105
ord6142
ord2393
ord5860
ord663
ord348
ord1187

msvcrt

_purecall
_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_mbsicmp
_mbsrchr
_mbstok
strncmp
sprintf
strncat
strncpy
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
__CxxFrameHandler
_CxxThrowException
strstr
_mbsstr
mktime
difftime
_ftol
time
fclose
fopen
free
fread
fwrite
malloc
_strdup
_beginthreadex

urlmon

URLDownloadToCacheFileA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0out_of_range@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0logic_error@std@@QAE@ABV01@@Z
??_7out_of_range@std@@6B@
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1out_of_range@std@@UAE@XZ

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84ccfe93c7fc1ea6c7d672e6f5727428

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

mfc42

msvcrt

urlmon

msvcp60

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 16B