Static task
static1
Behavioral task
behavioral1
Sample
a260977a8b512f714642c56346b8ace8_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a260977a8b512f714642c56346b8ace8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a260977a8b512f714642c56346b8ace8_JaffaCakes118
-
Size
86KB
-
MD5
a260977a8b512f714642c56346b8ace8
-
SHA1
881940352a276ce8a92d7c3d1653fd3b7f5da08e
-
SHA256
4abc871810e7f68b3ae87190c5f6784dc23b1d25c7bbac3cc9e576b100ebdc1a
-
SHA512
27bf0325ea18319c90e95c07d319ad58224f3f278624a14b14efa08d35815ec652bd38cbda8de757c1a96c6f1e07be3b7f4b35884c0c65df16cafe1566a673fc
-
SSDEEP
1536:uOPzJvj1G21KjN/oGdWd8l5szc7T/8ZYuUoccke5ZfMO0JRC/BxzLj/ccPwcX:JFHCN/HMClyzcH/8ZYrn5FJA/bzn/P
Malware Config
Signatures
-
Unsigned PE 1 IoCs
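The sandbox checks for a missing Authenticode signature; the resource listed below has none, so its publisher and integrity cannot be verified from a signature. On its own this is a weak indicator, since many legitimate executables are also unsigned.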
resource a260977a8b512f714642c56346b8ace8_JaffaCakes118
Files
-
a260977a8b512f714642c56346b8ace8_JaffaCakes118.exe windows:5 windows x86 arch:x86
106954e856b42419a8629cef38b8e0cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcp60
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIABV12@II@Z
??Gstd@@YA?AV?$complex@O@0@ABOABV10@@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??1out_of_range@std@@UAE@XZ
?_Pdif@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAIPBG0@Z
?_Init@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEXABV_Locinfo@2@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDH@Z
?pubseekoff@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE?AV?$fpos@H@2@JFF@Z
??Gstd@@YA?AV?$complex@M@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
_Getctype
??8std@@YA_NABV?$complex@O@0@ABO@Z
?log10@std@@YA?AV?$complex@O@1@ABV21@@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
gdi32
DdEntry26
GdiConvertFont
StartDocA
EngMultiByteToWideChar
SetLayoutWidth
EngDeletePath
GetTextCharset
RoundRect
GetTextCharsetInfo
ModifyWorldTransform
GetEnhMetaFileHeader
EngDeleteSemaphore
GetCharWidthI
DdEntry36
FloodFill
gdiPlaySpoolStream
GetMetaFileA
msvcrt20
_spawnvp
?getdouble@istream@@AAEHPADH@Z
_wcslwr
_wcsupr
??6ostream@@QAEAAV0@PBE@Z
?basefield@ios@@2JB
_itow
_wsplitpath
_mbsnbcpy
??_Estdiobuf@@UAEPAXI@Z
_adj_fdivr_m32
??1ostrstream@@UAE@XZ
??_Gistrstream@@UAEPAXI@Z
?is_open@ofstream@@QBEHXZ
??0ostream@@IAE@XZ
abs
strtol
_wspawnlpe
?setg@streambuf@@IAEXPAD00@Z
msvcrt
_utime
iswascii
_wfindfirst
_ismbslead
_Strftime
_utime64
_mkdir
_cgetws
strncpy
_rmtmp
tmpfile
isupper
_wcsrev
_spawnve
_mbcjistojms
__p__tzname
_beep
_stat
??_V@YAXPAX@Z
kernel32
Sleep
CreateMutexA
DeleteFileA
GetCommandLineA
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleFontInfo
GetNumberOfConsoleInputEvents
LoadLibraryA
GetModuleHandleW
LoadLibraryExW
LZDone
ReadFileScatter
VDMConsoleOperation
QueryPerformanceCounter
GetThreadTimes
GetDateFormatW
SetConsoleLocalEUDC
Module32NextW
VirtualProtectEx
EnumResourceNamesW
GetCurrentThreadId
VirtualAlloc
advapi32
EncryptedFileKeyInfo
GetFileSecurityW
CredGetSessionTypes
AccessCheckByTypeResultListAndAuditAlarmByHandleA
CryptDestroyHash
CredReadDomainCredentialsW
SaferIdentifyLevel
CredWriteW
SystemFunction009
LookupPrivilegeDisplayNameW
SaferGetLevelInformation
user32
PostQuitMessage
RegisterClassW
DefWindowProcW
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ