ab169dbfb8fd1581acd25e142be5c6fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab169dbfb8fd1581acd25e142be5c6fe_JaffaCakes118
Size

112KB
MD5

ab169dbfb8fd1581acd25e142be5c6fe
SHA1

9938c12b5d573934c424ac308d11bf1f669820cd
SHA256

b82003c5849ed930aa2df9adc6350e4c806566b4e3e3023d3b2d8d8281a2998c
SHA512

f8cef5467aa3dedc97217b7bea23dfc9e8f2c3625717a53d8373d6afaee5ecacbb60fbb4a55de817623e04d6f45917d891f2d3981291491b820c77205c704661
SSDEEP

3072:/PGTrzJi1m9SxOuAN2ZvGPS3I4lIqY8u14lrvL5:nSzJi1m9Sx1ZvGI5agu14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab169dbfb8fd1581acd25e142be5c6fe_JaffaCakes118

Files

ab169dbfb8fd1581acd25e142be5c6fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3de627c104e380af4692df8819e20867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__p__fmode
__set_app_type
_controlfp
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isxdigit
sscanf
malloc
isupper
tolower
_strnicmp
??2@YAPAXI@Z
memcpy
strlen
memmove
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
_mbsnbcpy
_ismbcspace
_mbsrchr
_mbsicmp
_mbscmp
atol
_mbspbrk
exit
_purecall
time
localtime
strftime
_mbsstr
_mbschr
strncpy
memset
strcpy
strncmp
atoi
_ismbcdigit
wcslen
free
realloc
__CxxFrameHandler
isalnum

wininet

HttpOpenRequestA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetConnectA
InternetGetConnectedState
HttpSendRequestA

ws2_32

WSACleanup
closesocket
socket
htons
connect
WSAStartup
gethostbyname

kernel32

GetLastError
ReleaseMutex
CreateFileA
GetModuleHandleA
GetStartupInfoA
WaitForSingleObjectEx
GetExitCodeProcess
GetTickCount
lstrcpynW
lstrcpynA
CreateProcessA
SetCurrentDirectoryA
FormatMessageA
WaitForSingleObject
TerminateThread
CreateThread
DeleteFileA
SetFilePointer
CloseHandle
WriteFile
ReadFile
CreateMutexA
OutputDebugStringA
DebugBreak
lstrlenA
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId

user32

DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
CreateWindowExA
SetWindowLongA
RegisterClassExA
LoadImageA
wsprintfA
LoadCursorA
GetClassInfoExA
wvsprintfA
CharNextA
TranslateAcceleratorA
SetTimer
KillTimer
LoadStringA
MessageBoxA
PostQuitMessage
GetWindowLongA
SetFocus
IsWindowVisible
SendMessageA
LoadStringW
SetWindowPos
GetClientRect
GetWindowRect
CallWindowProcA
CharUpperA
MsgWaitForMultipleObjects
IsWindow
FindWindowA
DefWindowProcA
PostMessageA
LoadMenuA
LoadAcceleratorsA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3de627c104e380af4692df8819e20867

Headers

File Characteristics

Imports

msvcp60

msvcrt

wininet

ws2_32

kernel32

user32

advapi32

ole32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB