c8d1c4d382fa7eb398a6c14c09414be9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8d1c4d382fa7eb398a6c14c09414be9_JaffaCakes118
Size

162KB
MD5

c8d1c4d382fa7eb398a6c14c09414be9
SHA1

2b55ec9150c0b3264770b323d286ca325761fe9a
SHA256

38a0c55af64caafc8355cf738d77851587715f0fb77cd296f8332644ab717f07
SHA512

09a36f226b3cc6edb2a59ec69c7ce2640e073f4aee56d3ee676869aa481870e3ff9ed0916b5dd741ec5e60ff80a0ce2438859d92eaa6fdb35f8c4da18bf6e85a
SSDEEP

3072:3g28h0IoDaxwr5CppMqnElcOHk7pTr+bopr/z53N9yM:3/8h0I6lr5RZITygLzRNQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d1c4d382fa7eb398a6c14c09414be9_JaffaCakes118

Files

c8d1c4d382fa7eb398a6c14c09414be9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79bf164dea095c97f0f74e04b6ea4ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GlobalFree
HeapFree
GetProcAddress
GetModuleHandleA
HeapAlloc
GetProcessHeap
FindResourceA
DeleteFileA
FindClose
FindFirstFileA
GetSystemDirectoryA
Sleep
SetFileAttributesA
CreateDirectoryA
LoadResource
LockResource
SizeofResource
CreateFileA
GlobalAlloc
GetLastError
CloseHandle
GetCommandLineA
GetStartupInfoA
ExitProcess

advapi32

RegOpenKeyExA
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegSetKeySecurity
LookupAccountNameA

shell32

ShellExecuteA

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
??1Init@ios_base@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??0Init@ios_base@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

lz32

LZOpenFileA
LZCopy
LZClose

msvcrt

rand
printf
_except_handler3
isdigit
isspace
srand
time
strcat
strcpy
memset
strstr
memcpy
__CxxFrameHandler

wsock32

htons
socket
recv
send
WSAStartup
gethostbyname
connect
closesocket
WSACleanup

Exports

Exports

atoi
atol

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79bf164dea095c97f0f74e04b6ea4ceb

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcp60

lz32

msvcrt

wsock32

Exports

Exports

Sections

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 138KB - Virtual size: 138KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 138KB - Virtual size: 138KB