b02f1794a797cedf555c5f654f33ba89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b02f1794a797cedf555c5f654f33ba89_JaffaCakes118
Size

312KB
MD5

b02f1794a797cedf555c5f654f33ba89
SHA1

80d43345db5588cb81a224130a039e09c16bf627
SHA256

24dcb9399a75dd24ba0b2d7b9f64983530b0f63c92451ec5a7fe0a0e9acf3b8d
SHA512

4369626c84909bcf100baedd4633a10837a528b00fadb862414cbc9500161ace0d899a83cc012d485bc3a7e41c97bda964af8922066603e8146b77db486c827f
SSDEEP

6144:IEaL3dSz3NcSG/c3s+HyNbN16oVO+9tQduvKVNkUincar3:IEaDdSzaB/c3FSdPfVO+9tQAisBncY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b02f1794a797cedf555c5f654f33ba89_JaffaCakes118

Files

b02f1794a797cedf555c5f654f33ba89_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8189607b9bf5488990146be5896d7db3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
GetProcAddress
LoadLibraryA
CopyFileA
TerminateThread
FreeLibrary
SetFileAttributesA
GetSystemTime
lstrlenA
GetPrivateProfileStringA
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
WideCharToMultiByte
lstrlenW

user32

TranslateMessage
DispatchMessageA
PeekMessageA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantInit

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

shlwapi

PathFileExistsA

msvcp60

?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0out_of_range@std@@QAE@ABV01@@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??0logic_error@std@@QAE@ABV01@@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7out_of_range@std@@6B@
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
??1out_of_range@std@@UAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z

msvcrt

free
_initterm
??1type_info@@UAE@XZ
floor
malloc
_adjust_fdiv
_mkdir
_ftol
strncpy
strncat
remove
_splitpath
_mbsrev
_CxxThrowException
_beginthread
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
fclose
wcscmp
_wtoi
_mbscmp
??2@YAPAXI@Z
sprintf
wcscpy
__CxxFrameHandler
fopen
strcspn
fwrite
wcslen
_itoa
_mbsicmp
_mbsnbcpy

Exports

Exports

CreateUpgradeObj
IsInterNetConnected

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8189607b9bf5488990146be5896d7db3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 248KB - Virtual size: 248KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 248KB - Virtual size: 248KB