4ae7787dc9d458d12e63f1b83ccef608_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ae7787dc9d458d12e63f1b83ccef608_JaffaCakes118
Size

50KB
MD5

4ae7787dc9d458d12e63f1b83ccef608
SHA1

cc1a87dbc386e13b1795858b5ccdd2b9fb93eb6d
SHA256

07f47eb83c0affd87e3b7b6d4ebf25b29c23a6262ff525a1d08414bbab03de0d
SHA512

246dccb6cc2ff41f43fc30500b2da3f679aa39472bf3109ddd53295081c29a9035b85fd9ed07f87f2de668de9bfd2cb6c714bb3ed0048d40710745094874938b
SSDEEP

1536:wkXfxqV45tuMSgz4KgHKXlHQD0ocxt/JhQTwDIuMMMMMMM3:wkXJqV45oMblH2PczLQMPMMMMMMM3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ae7787dc9d458d12e63f1b83ccef608_JaffaCakes118

Files

4ae7787dc9d458d12e63f1b83ccef608_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0502ae6057ad39b431092ea7ee06d3d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetEntryPropertiesA
RasEnumDevicesA
RasSetEntryPropertiesA
RasValidateEntryNameA
RasDeleteEntryA
RasGetConnectStatusA
RasDialA
RasEnumConnectionsA
RasHangUpA
RasGetErrorStringA
RasEnumEntriesA

mfc42

ord3229
ord5808
ord389
ord3215
ord5201
ord5207
ord5356
ord1988
ord690
ord5204
ord823
ord825

msvcrt

_mbschr
strlen
memcpy
memset
sprintf
_mbsstr
atoi
_stricmp
_strcmpi
strncmp
_ltoa
isalpha
__CxxFrameHandler
isalnum
isspace
fputs
strcat
strcpy
time
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
fprintf
_controlfp
tolower
_strnicmp
rand
strcmp
_purecall

kernel32

HeapAlloc
HeapFree
GetProcessHeap
SizeofResource
GetVolumeInformationA
LoadResource
FindResourceA
DeleteFileA
WaitForSingleObject
OpenEventA
CreateEventA
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
CreateFileA
CopyFileA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
GetCommandLineA
GetVersion
GetLastError
CreateMutexA
GetProcAddress
GetModuleHandleA
Sleep
LoadLibraryA
lstrcatA
lstrcpyA
lstrcpynA
GlobalFree
GlobalAlloc
lstrcmpiA
WinExec
GetStartupInfoA
SetEvent
LockResource

user32

WaitForInputIdle
UpdateWindow
PeekMessageA
AppendMenuA
GetCursorPos
TrackPopupMenu
DestroyMenu
InvalidateRgn
SystemParametersInfoA
MoveWindow
wsprintfA
CreateDialogParamA
SetCursor
EndDialog
DestroyIcon
GetDlgItem
SetWindowTextA
KillTimer
GetWindowTextA
SendMessageA
CreatePopupMenu
PostQuitMessage
SetTimer
DialogBoxParamA
MessageBoxA
LoadImageA
RegisterClassExA
DefWindowProcA
BeginPaint
EndPaint
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA

gdi32

SelectObject
TextOutA
DeleteObject
CreateFontA

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
RegEnumValueA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA
ExtractIconA

winmm

timeGetTime

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0502ae6057ad39b431092ea7ee06d3d8

Headers

File Characteristics

Imports

rasapi32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

winmm

Sections

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 189KB

.rsrc Size: 9KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 189KB

.rsrc
Size: 9KB - Virtual size: 12KB