ab0d2c9e59219178304f500a234e9a4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab0d2c9e59219178304f500a234e9a4d_JaffaCakes118
Size

76KB
MD5

ab0d2c9e59219178304f500a234e9a4d
SHA1

3a218247175b4348dcf0977b2ae8fb740d993e90
SHA256

59b624b3a527eaa435f3d0fa5eff8123f2c47eb6f9423b0f03740dfd79db35a4
SHA512

86abf0bd06b58b1cd9dda981f6e726360133fa186ebf5cf929835abfdad5f60d3bca395054683c79367e95412b9fa920a0f17012089aff534886d5ce6a23e412
SSDEEP

1536:i+PSbv3Joyul3Wd109dllucR+6+JQyLT2DUAseNvii:iAq0l4109scR+6+myYULeN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab0d2c9e59219178304f500a234e9a4d_JaffaCakes118

Files

ab0d2c9e59219178304f500a234e9a4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29ff89ee265bd89a674e321fb3a7c167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
SetClipboardData
EnumWindows
keybd_event
VkKeyScanA
IsWindow
wsprintfA
GetMenu
FindWindowExA
SendMessageA
BlockInput
OpenClipboard
EmptyClipboard
MessageBoxA
CloseClipboard
CharLowerA
FindWindowA
ShowWindow
BringWindowToTop
SetForegroundWindow
SetFocus

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

urlmon

URLDownloadToFileA

kernel32

WideCharToMultiByte
FindClose
GetStartupInfoA
MultiByteToWideChar
lstrcpyA
lstrcmpA
lstrcpynA
GetSystemTime
ReadFile
GlobalLock
GlobalUnlock
FindFirstFileA
SetCurrentDirectoryA
GetFullPathNameA
FindNextFileA
GetFileSize
SetFilePointer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalAlloc
GlobalFree
GetLogicalDriveStringsA
GetDriveTypeA
lstrcatA
CreateDirectoryA
WaitForSingleObject
CreateThread
Sleep
CreateProcessA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
WinExec
GetProcAddress
LoadLibraryA
CloseHandle
ExitProcess
GetCurrentProcess
ExitThread
ReleaseMutex
GetTickCount
CreateMutexA
GetTempPathA
GetLastError
lstrcmpiA
GetLocaleInfoA
GetVersionExA
GetFileAttributesA
CopyFileA
SetFileAttributesA
GetWindowsDirectoryA
WriteFile
CreateFileA
TerminateThread
TerminateProcess
OpenProcess
InterlockedDecrement
lstrlenA

msvcrt

__CxxFrameHandler
_except_handler3
fprintf
fclose
fgets
toupper
wcslen
__dllonexit
_onexit
_exit
_stricmp
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strdup
malloc
memset
_snprintf
strlen
sprintf
memcmp
strncpy
srand
strstr
strcpy
rand
strchr
atoi
strtok
strcmp
_vsnprintf
??2@YAPAXI@Z
memcpy
_strlwr
strcat
fread
fopen
free
strncat
realloc

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegCloseKey
RegDeleteValueA

ws2_32

socket
closesocket
connect
ioctlsocket

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

29ff89ee265bd89a674e321fb3a7c167

Headers

File Characteristics

Imports

user32

ole32

oleaut32

urlmon

kernel32

msvcrt

advapi32

ws2_32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 279KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 279KB