b10f2a42cb30e8de9182306bc7b56cb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b10f2a42cb30e8de9182306bc7b56cb0_JaffaCakes118
Size

15KB
MD5

b10f2a42cb30e8de9182306bc7b56cb0
SHA1

9e52a58f2da190533881bbc87a0861e56e9d81ce
SHA256

df0feefebabd3d97f3f510310fa6acec2ebf6c367b23e9ec5396989337e6907b
SHA512

d51083f97c84a3da6ad1318f84b8879330c521664b2d8120a8ed095495d6c68157aed98dfac29ef96e2b8a8a84a9b5a5736201c8bc8da0e4a8f857eabd69b953
SSDEEP

384:kwR+5sul+eRlUycXP5j9+NoSmAO9jgY4N:LRH/Gr9ye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b10f2a42cb30e8de9182306bc7b56cb0_JaffaCakes118

Files

b10f2a42cb30e8de9182306bc7b56cb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dba171b126a110f8aa6882eec089a28b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
CloseHandle
UnmapViewOfFile
FindNextFileA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetTempPathA

shell32

ShellExecuteExA
SHChangeNotify

msvcp60

?_Xran@std@@YAXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xlen@std@@YAXXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

wininet

HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetOpenA

msvcrt

_onexit
__dllonexit
free
??2@YAPAXI@Z
memmove
_strlwr
__CxxFrameHandler
_strcmpi
strstr
strchr
strrchr

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dba171b126a110f8aa6882eec089a28b

Headers

File Characteristics

Imports

kernel32

shell32

msvcp60

wininet

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 4B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 4B