Static task
static1
Behavioral task
behavioral1
Sample
c0af0b30bd62bc053abb7b65901f4199_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c0af0b30bd62bc053abb7b65901f4199_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
c0af0b30bd62bc053abb7b65901f4199_JaffaCakes118
-
Size
100KB
-
MD5
c0af0b30bd62bc053abb7b65901f4199
-
SHA1
f81e7347f92a4edd3c6eab70b366b89eb2a8a789
-
SHA256
a458290cb581b1bb6776291f161fb0a7b10016975f810c353e2c17d5c3ed6f32
-
SHA512
65df7965a0b5f92bddda4d6cf7e1424b6d6a80c2bceadf6f5cec135739c7ca138e8a45fd5e4e6b8c48c35b35a7e18ed0b7d0c4e5b14dc7600e7519b508ad0fed
-
SSDEEP
1536:ghE66/bxrV7ByLL+LgzlNxNeS4BVdR6jlhllXHIEgrAzhkd:8E7trp2UIxNeS4BVdgTXHIEgrAz
Malware Config
Signatures
-
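Unsigned PE (1 IoC)
Static rule that checks for a missing Authenticode signature; it matched this sample, so the file is unsigned. An unsigned PE is a weak indicator on its own and should be weighed together with the other findings.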
resource c0af0b30bd62bc053abb7b65901f4199_JaffaCakes118
Files
-
c0af0b30bd62bc053abb7b65901f4199_JaffaCakes118.exe windows:4 windows x86 arch:x86
4fdb453d26fc19672bd9aea3081feb93
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetSpecialFolderPathA
wininet
FindNextUrlCacheEntryA
InternetSetOptionA
FindFirstUrlCacheEntryA
InternetGetConnectedState
shlwapi
SHDeleteValueA
PathFileExistsA
SHSetValueA
SHGetValueA
user32
GetSystemMetrics
GetWindowTextA
SetWindowTextA
BringWindowToTop
SetActiveWindow
AttachThreadInput
SetForegroundWindow
SetWindowPos
SetFocus
GetForegroundWindow
GetCursorPos
GetWindowThreadProcessId
CharToOemA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
msvcp60
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Xran@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
kernel32
GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
ReleaseMutex
GetVolumeInformationA
GetVersionExA
MultiByteToWideChar
lstrlenA
lstrlenW
CreateMutexA
GetLastError
OpenProcess
TerminateProcess
Module32Next
GetTempFileNameA
Process32First
Process32Next
WaitForSingleObject
CloseHandle
DeleteFileA
CopyFileA
GetTempPathA
CreateProcessA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CreateDirectoryA
GetWindowsDirectoryA
CreateToolhelp32Snapshot
Module32First
GetCurrentThreadId
GetSystemTimeAsFileTime
ole32
CoInitialize
CoCreateInstance
CLSIDFromProgID
oleaut32
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
msvcrt
strtok
strchr
strtol
fgets
fwrite
sscanf
rand
srand
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_ltoa
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strlwr
_strdup
_itoa
atol
strncmp
wcscmp
??1exception@@UAE@XZ
strncpy
_beginthread
time
atoi
fprintf
fscanf
memmove
??2@YAPAXI@Z
fopen
fseek
free
strstr
malloc
__CxxFrameHandler
sprintf
fclose
fread
ftell
Sections
.text Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
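IMAGE_SCN_MEM_WRITE
Note: both sections are flagged writable and executable, and .rsrc is additionally flagged as containing code. This layout is atypical for ordinary compiler output and may indicate a packed or otherwise modified binary; confirm against the behavioral tasks before drawing conclusions from the static import list alone.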