832d9b4dd694fe6273058c75e8c6d4cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

832d9b4dd694fe6273058c75e8c6d4cb_JaffaCakes118
Size

115KB
MD5

832d9b4dd694fe6273058c75e8c6d4cb
SHA1

9f78e751d586e4cd2408364d4f25d4e692f78eea
SHA256

d1e919a7a5a6635a67f1f58056c220b14d8a775728226357ded42533b38305b3
SHA512

9b93621a8a43bd827ba8676c3323a213694d21b4b66f481c899a382e3d6e7af53bc0c8c950be2a0015f50db3d92759bcd29ef5ab782b5cc162ccbd84706910c2
SSDEEP

3072:1K3zbE/TrLOM//Gi0o0CLn7/CxE8dOzU6iJMo62uz:1UPE/6M//Gi0ofLn7fGT6iJMmuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
832d9b4dd694fe6273058c75e8c6d4cb_JaffaCakes118

Files

832d9b4dd694fe6273058c75e8c6d4cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbe0c87a2d18b6410246f4e5397206cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
printf
mbstowcs
wcslen
wcscpy
tolower
toupper
strstr
strtod
_isctype
__crtLCMapStringA
setlocale
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
atoi
strcpy
strcmp
strlen
_snprintf
strncat
malloc
wcscat
strtol
strtoul
strcspn
localeconv
memchr
sprintf
memset
memcmp
free
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memmove
system
exit
time
srand
rand
_EH_prolog
__CxxFrameHandler
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
_XcptFilter

advapi32

CloseServiceHandle
ChangeServiceConfig2A
CreateServiceA
OpenSCManagerA
StartServiceA
OpenServiceA
ControlService
DeleteService
RegCloseKey
RegSetValueExA
RegCreateKeyExA
StartServiceCtrlDispatcherA

shlwapi

PathFileExistsA

wsock32

WSAStartup
setsockopt
inet_ntoa
bind
listen
select
recv
closesocket
send
connect
inet_addr
getpeername
gethostbyname
htonl
WSAAsyncSelect
ntohl
WSAGetLastError
__WSAFDIsSet
accept
socket
htons
ioctlsocket
ntohs

kernel32

GetTimeFormatA
SetFilePointer
GetModuleFileNameA
WaitForSingleObject
GetExitCodeThread
CreateFileA
TransactNamedPipe
WriteFile
CloseHandle
ReadFile
MultiByteToWideChar
MoveFileExA
GetDateFormatA
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexA
ReleaseMutex
GetModuleHandleA
ExitThread
GetLastError
GetFileSize
GetTickCount
GetLocaleInfoA
DeleteFileA
ExitProcess
CreateProcessA
OpenProcess
GetCurrentProcessId
SetFileAttributesA
CopyFileA
LocalFree
GetSystemDirectoryA
CreateThread
lstrlenA

user32

IsWindow
FindWindowA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
VkKeyScanA
SendMessageA
ShowWindow
SetFocus
SetForegroundWindow
BlockInput
DefWindowProcA
GetWindowLongA
SetWindowLongA
keybd_event
RegisterClassExA
DispatchMessageA
TranslateMessage
GetMessageA
FindWindowExA
CreateWindowExA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetAddConnection2A
WNetCancelConnection2A

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysAllocString
VariantInit

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cbe0c87a2d18b6410246f4e5397206cd

Headers

File Characteristics

Imports

msvcrt

advapi32

shlwapi

wsock32

kernel32

user32

shell32

urlmon

mpr

ole32

oleaut32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 10KB - Virtual size: 16KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 10KB - Virtual size: 16KB