72db4feef6e6da9f3bd0cac24fccfc2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72db4feef6e6da9f3bd0cac24fccfc2d_JaffaCakes118
Size

348KB
MD5

72db4feef6e6da9f3bd0cac24fccfc2d
SHA1

b35ad8620041e6bd0e93f18872bba3bb153bef9a
SHA256

7585f18a1f0ebe483ee9241089328a78aa90b037eed456d8901bc0220689a796
SHA512

c6a126b0a9a777d5d3599fcdf6a63db9e9a2bfc1d6bc5d29e51a603675474f6c5153b14cdba992ee735b830f2ebb00d2b165b5e940bea57278b6c16f89e7b602
SSDEEP

3072:ViacphzxJ0AG6IoECBih98CwpNTwg5tk/94M5McaFLLkS3qIBB/e9YtRi:ViaVwC8hM9PjcLOIvm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72db4feef6e6da9f3bd0cac24fccfc2d_JaffaCakes118

Files

72db4feef6e6da9f3bd0cac24fccfc2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cab7fdd7d4d79d47fa3b6b8cd0093f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
strncpy
strstr
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_strupr
_strlwr
_strnicmp
_chmod
_stricmp
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
isdigit
atoi
printf
_chdrive
_chdir
strcpy
__dllonexit
??2@YAPAXI@Z
__CxxFrameHandler
abs
memcpy
memset
strlen
_itoa
atol
sprintf
free
malloc
strcmp
rand
srand
time
memcmp
memchr
memmove
_access
strchr
strcat
exit
strcspn

wsock32

shutdown
WSAGetLastError
WSAAsyncSelect
recv
send
select
WSAStartup
closesocket
connect
ioctlsocket
WSACleanup
htons
gethostbyname
socket

kernel32

CreateEventA
LocalFree
lstrlenA
lstrcmpiA
WaitForSingleObject
InterlockedDecrement
OpenProcess
TerminateProcess
GetCurrentProcess
CreateDirectoryA
MultiByteToWideChar
GetFileSize
WriteFile
RaiseException
SizeofResource
LockResource
GetProcAddress
LocalAlloc
InterlockedExchange
GlobalFree
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
GetModuleHandleA
OutputDebugStringA
GetTickCount
GetWindowsDirectoryA
FormatMessageA
GetLastError
FreeResource
GetSystemDirectoryA
LoadResource
FindResourceA
Sleep
CloseHandle
ReadFile
CreateFileA
FreeLibrary
LoadLibraryA
DeleteFileA
RemoveDirectoryA
CopyFileA
GetModuleFileNameA
GetStartupInfoA

user32

SetWindowRgn
GetDC
CreateDialogParamA
LoadMenuA
GetCursorPos
GetSubMenu
EnableMenuItem
TrackPopupMenuEx
UpdateWindow
LoadAcceleratorsA
LoadIconA
EnableWindow
SetFocus
PostMessageA
GetWindowTextA
GetClientRect
ReleaseCapture
SetCapture
DestroyMenu
GetMessageA
KillTimer
GetDlgItemTextA
MessageBoxA
GetDlgItem
TranslateAcceleratorA
GetDlgCtrlID
ShowWindow
SetTimer
LoadStringA
EndDialog
DialogBoxParamA
SetForegroundWindow
ScreenToClient
GetWindowRect
PeekMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
DefWindowProcA
CreateWindowExA
SendMessageA
GetParent
IsWindowVisible
BeginPaint
EndPaint
InvalidateRect
SetWindowLongA
IsWindow
GetWindowLongA
CallWindowProcA
LoadImageA
FindWindowA
GetActiveWindow
GetAsyncKeyState
LoadCursorA
RegisterClassExA
SetDlgItemTextA
ReleaseDC
IsIconic
RedrawWindow
DestroyWindow
SetWindowPos
SetWindowTextA
GetWindowThreadProcessId
GetDesktopWindow

gdi32

SetBkColor
SetTextColor
GetDIBColorTable
CreatePalette
SetBkMode
CreateSolidBrush
GetObjectA
StretchBlt
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
SelectPalette
RealizePalette
CreateRoundRectRgn
CreateFontA

advapi32

RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegConnectRegistryA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA

shell32

Shell_NotifyIconA
ShellExecuteA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wininet

InternetGetConnectedState

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

pec1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cab7fdd7d4d79d47fa3b6b8cd0093f45

Headers

File Characteristics

Imports

msvcrt

wsock32

kernel32

user32

gdi32

advapi32

shell32

urlmon

version

wininet

ole32

oleaut32

Sections

pec1 Size: 128KB - Virtual size: 128KB

.rsrc Size: 212KB - Virtual size: 212KB

.rsrc Size: 4KB - Virtual size: 4KB

pec1
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 212KB - Virtual size: 212KB

.rsrc
Size: 4KB - Virtual size: 4KB