db4c307f39ff204aecaddfbfe7d262b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

db4c307f39ff204aecaddfbfe7d262b5_JaffaCakes118
Size

338KB
MD5

db4c307f39ff204aecaddfbfe7d262b5
SHA1

4f18a531fc06565657f72f09087889e16c54c2a2
SHA256

f3bcb34dc9da6e1df01d75aa0d7aa20cef853c35932e3ba8835099871c0469e5
SHA512

cbc2495119e091b663166fabe7f9417c40047dc073040be7e05b956654d7e92e0a32b1eb3627f56414acf77e1912437bf04c6aa68f21f15e0275ddb9eee2e09b
SSDEEP

3072:qc64hWNuYxvG8UV9vGulTOMTZIQXhQ+iujiolNq3bTKgNg99tTq:qcMuoWNKMTZbq/gNYGP99tTq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db4c307f39ff204aecaddfbfe7d262b5_JaffaCakes118

Files

db4c307f39ff204aecaddfbfe7d262b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

652628d5ba7a996b26fe92c1950cf766

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
MulDiv
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
InterlockedDecrement
CloseHandle
LoadLibraryA
lstrlenW
Sleep
WideCharToMultiByte
Thread32Next
ResumeThread
GetCurrentProcessId
OpenThread
Thread32First
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentVariableA
LocalFree
GetStartupInfoA
GetProcAddress
VirtualAlloc
GetLastError
GetCurrentThreadId
IsValidCodePage
SuspendThread
GetCommandLineA

user32

GetCapture
GetDesktopWindow
GetWindowThreadProcessId
SetThreadDesktop
IsMenu
DefWindowProcA
CreateWindowExA
GetClientRect
GetSystemMetrics
IsCharAlphaNumericA
PostMessageA
GetForegroundWindow
GetCursor

advapi32

GetUserNameA
RegEnumValueA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA

ole32

CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID

oleaut32

SysAllocStringByteLen
GetErrorInfo
SysAllocString
SysAllocStringLen
VariantClear
SysStringLen
SysFreeString
SysStringByteLen

msvcp60

??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Xran@std@@YAXXZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPADD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??_7out_of_range@std@@6B@
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Incref@facet@locale@std@@QAEXXZ
??1?$ctype@D@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Iscloc@locale@std@@QBE_NXZ
??0?$ctype@D@std@@QAE@PBF_NI@Z
??1_Lockit@std@@QAE@XZ
??_7bad_cast@std@@6B@
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
?do_tolower@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_tolower@?$ctype@D@std@@MBEDD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0locale@std@@QAE@PBDH@Z
??1locale@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?do_toupper@?$ctype@D@std@@MBEDD@Z
?do_toupper@?$ctype@D@std@@MBEPBDPADPBD@Z

msvcrt

strcpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
strncat
strcat
_strnicmp
sprintf
_stricmp
strstr
strchr
strncpy
free
rand
memcmp
srand
strlen
__CxxFrameHandler
_except_handler3
memcpy
memset
malloc
??2@YAPAXI@Z
wcslen
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBD@Z
_CxxThrowException
_strdup

wininet

InternetReadFile

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

652628d5ba7a996b26fe92c1950cf766

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcp60

msvcrt

wininet

Sections

.text Size: 193KB - Virtual size: 192KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 4KB

.text
Size: 193KB - Virtual size: 192KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 4KB