9521e0cedb3c7c9466cca302ef145025_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9521e0cedb3c7c9466cca302ef145025_JaffaCakes118
Size

148KB
MD5

9521e0cedb3c7c9466cca302ef145025
SHA1

7a795ced1f8ad11ec10e550d3321c848890d95f8
SHA256

c9dccf2f97f3ee95c70237073c0b1bbc16f30dc624b0e48c5db8b58075b16d81
SHA512

c9ad63fd71bed6afb39c550499c280b84282c9e3c7221c7ac481d61ba164f4ab1bb668361be0668a8938d7213df7bc19dcf8d929ce6a1368d067003221cb4871
SSDEEP

3072:wenQycBLycwKOXQFhbfG0buTBft//zmtf:weud7wKOXOpfG0buTBl/Lmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9521e0cedb3c7c9466cca302ef145025_JaffaCakes118

Files

9521e0cedb3c7c9466cca302ef145025_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acc5dc8550ee2e3e07f9b0864a018696

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
GetFileSize
ReadFile
SetFilePointer
MoveFileA
CreateProcessA
InitializeCriticalSection
lstrcatA
lstrcmpiA
WriteFile
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
TerminateProcess
OpenProcess
GetCurrentThreadId
GetSystemInfo
GetComputerNameA
GetVersionExA
OpenEventA
SetErrorMode
GetFileAttributesA
CreateDirectoryA
DeleteFileA
GetProcAddress
GetCurrentProcessId
GetModuleHandleA
GetLocalTime
GetTickCount
CancelIo
InterlockedExchange
GetLastError
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
Sleep
CloseHandle
FreeLibrary
SetEvent
WaitForSingleObject
LoadLibraryA
CreateFileA

user32

CloseWindow
CreateWindowExA
PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetCursorInfo
DestroyCursor
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
MapVirtualKeyA
keybd_event
SendMessageA
LoadCursorA
GetKeyState
GetAsyncKeyState
GetForegroundWindow
TranslateMessage
GetMessageA
CharNextA
wsprintfA
GetWindowTextA
MessageBoxA
IsWindow

advapi32

RegQueryValueExA
RegOpenKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
CloseServiceHandle
DeleteService
OpenSCManagerA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegRestoreKeyA
RegSaveKeyA
RegOpenKeyA
AdjustTokenPrivileges
OpenProcessToken
RegCloseKey

msvcrt

_errno
strchr
atoi
strrchr
strcmp
_except_handler3
malloc
free
sprintf
strcat
strcpy
rand
memcmp
strstr
strlen
_ftol
??0exception@@QAE@ABQBD@Z
ceil
_beginthreadex
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strnset
_strrev
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
_strnicmp
memset
??2@YAPAXI@Z
putchar
??3@YAXPAX@Z
memcpy
puts
__CxxFrameHandler
_CxxThrowException
memmove

ws2_32

recv
select
closesocket
send
inet_addr
connect
sendto
WSASocketA
htonl
inet_ntoa
getsockname
bind
recvfrom
__WSAFDIsSet
gethostbyname
htons
setsockopt
WSAIoctl
WSACleanup
WSAStartup
socket

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acc5dc8550ee2e3e07f9b0864a018696

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1016B

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1016B