81c7a4d1078b344f7b9e99cd3f88c984_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

81c7a4d1078b344f7b9e99cd3f88c984_JaffaCakes118
Size

214KB
MD5

81c7a4d1078b344f7b9e99cd3f88c984
SHA1

3355c6d6bd4fd34fb23c5ed998daaa54ba55a651
SHA256

93739acd40217d985062c5ac8a028e2bf20a806be0bb4298a1dd29ad99d38052
SHA512

b1daceccc11da91a3f47135fcdaddd06f1c25a1f571bd913ef3462a758808bd993e8a2ecf506bb5ef3a7371b3933cf765ee44a18c06c9746be5905f921d74502
SSDEEP

3072:uahAcUn4vObQA/SukvOtL7QJlsmo990S+P5tPR3Trw7R7MR1Cd/Tu:uaacVGbQMSukvOyJlsaS+xRR3/w9AyS

Score

1^/10

Malware Config

Signatures

Files

81c7a4d1078b344f7b9e99cd3f88c984_JaffaCakes118
.exe .vbs windows:4 windows x86 arch:x86 polyglot

60b65e6cf41ce15d5b01c21455528157

Code Sign

2f:07:43:10:b1:64:d2:31:9e:98:57:41:18:dc:d9:8b:96:78:3a:23
Signer

Actual PE Digest

2f:07:43:10:b1:64:d2:31:9e:98:57:41:18:dc:d9:8b:96:78:3a:23

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
GetSystemDirectoryA
MoveFileExA
DeleteFileA
WinExec
GetTempFileNameA
GetTempPathA
ReadFile
lstrcpynA
CreateDirectoryA
FindNextFileA
ReleaseMutex
WaitForSingleObject
lstrcmpiA
lstrcpyA
lstrcmpA
GetEnvironmentVariableA
lstrcatA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
Sleep
MoveFileA
GetCurrentProcess
FormatMessageA
GetLastError
GetComputerNameA
SetCurrentDirectoryA
LoadLibraryA
GetLocalTime
lstrlenA
VirtualAlloc
FileTimeToDosDateTime
SetEndOfFile
DosDateTimeToFileTime
GetFileTime
SetFileTime
ExitProcess
ReleaseSemaphore
OpenSemaphoreA
CreateMutexA
GetWindowsDirectoryA
SystemTimeToFileTime
CreateProcessA
CreateSemaphoreA
CreateThread
DeviceIoControl
HeapFree
HeapAlloc
GetProcessHeap
GetDriveTypeA
GetLogicalDrives
GetLogicalDriveStringsA
SizeofResource
LockResource
LoadResource
FindResourceA
FileTimeToSystemTime
GetCurrentProcessId
TerminateProcess
OpenProcess
MultiByteToWideChar
SetFileAttributesW
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
CopyFileA
SetFileAttributesA
GetSystemTime
CreateFileA
SetFilePointer
WriteFile
VirtualFree
CloseHandle

user32

CharLowerBuffA
wsprintfA
DefWindowProcA
SetTimer
ShowWindow
PostQuitMessage
EndDialog
KillTimer
DialogBoxParamA

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSaveKeyA
RegOpenKeyExA
RegRestoreKeyA
RegCloseKey
RegQueryValueExA
LookupAccountNameA

shell32

SHChangeNotify

ole32

CoUninitialize
CoInitialize

ws2_32

inet_addr
WSACleanup
WSAStartup
gethostbyname
socket
htons
connect
send
recv

mpr

WNetCancelConnection2A
WNetAddConnection2A

msvcrt

strncpy
_findclose
sprintf
_strlwr
_findnext
_findfirst
isdigit
__CxxFrameHandler
strrchr
strncmp
wcslen
_stricmp
_strcmpi
atol
atoi
memmove
strchr

psapi

GetModuleFileNameExA
EnumProcessModules

Sections

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

maihbjo
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60b65e6cf41ce15d5b01c21455528157

Code Sign

2f:07:43:10:b1:64:d2:31:9e:98:57:41:18:dc:d9:8b:96:78:3a:23Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

ws2_32

mpr

msvcrt

psapi

Sections

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 82KB - Virtual size: 82KB

.uro Size: 512B - Virtual size: 28KB

maihbjo Size: - Virtual size: 4KB

2f:07:43:10:b1:64:d2:31:9e:98:57:41:18:dc:d9:8b:96:78:3a:23
Signer

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 82KB - Virtual size: 82KB

.uro
Size: 512B - Virtual size: 28KB

maihbjo
Size: - Virtual size: 4KB