ea8e5b306b0991131d3f3c7fd24930dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea8e5b306b0991131d3f3c7fd24930dc_JaffaCakes118
Size

1.1MB
MD5

ea8e5b306b0991131d3f3c7fd24930dc
SHA1

d97e6048ec1acf8a8d8c819f50c46441ace737bb
SHA256

53476c953e333e8959bef3cb9acee0f03ebde7fccd78d501e1ea113ac9c515c7
SHA512

1e0821f2bec5d9aa800455a644911c792b21fdbc3360aa6e20137e4b400bc337989a14a92e466a4846c044e4b6134a3ed26d361ec89ce6192a97bd95b2f45497
SSDEEP

24576:xNaUYNd9ZFVzIv1kGlB74Mwb7Uw9TRlAaaosXVsvNVeDKFdu9N6XTrQ:xjYNSEN8mnvGKFdu9N6XT8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea8e5b306b0991131d3f3c7fd24930dc_JaffaCakes118

Files

ea8e5b306b0991131d3f3c7fd24930dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c199d893fcaaf7dfc9211b8b448f621f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

kernel32

InitializeCriticalSection
TlsGetValue
DuplicateHandle
CreateEventW
SetEvent
WaitForMultipleObjects
GetThreadPriority
ResumeThread
TlsSetValue
SetThreadPriority
TerminateThread
GetCurrentThread
TlsAlloc
Sleep
TlsFree
GetCurrentThreadId
UnmapViewOfFile
CreateFileMappingW
GetSystemInfo
MapViewOfFile
SetErrorMode
GetLogicalDrives
GetFileTime
DeviceIoControl
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
MoveFileW
CopyFileW
DeleteFileW
GetFullPathNameW
SetEndOfFile
GetTempPathW
CreateFileW
DeleteCriticalSection
GetProcAddress
GetCurrentProcess
GetCurrentDirectoryW
WriteFile
ReadFile
SetFilePointerEx
GetFileAttributesExW
FindFirstFileW
FindClose
GetFileInformationByHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileType
GetVersionExW
FormatMessageW
LocalFree
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
CloseHandle
GetUserDefaultLCID
CompareStringW
WideCharToMultiByte
GetLastError
GetModuleFileNameW
GetModuleHandleW
OutputDebugStringW
ResetEvent
FindNextFileW
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
EnterCriticalSection
WritePrivateProfileStringA
MoveFileExA
MultiByteToWideChar
LoadLibraryW
LeaveCriticalSection

msvcp80

?uncaught_exception@std@@YA_NXZ

msvcr80

_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_vsnprintf_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_beginthread
_beginthreadex
_endthreadex
fwrite
_write
fgets
fread
_fseeki64
_read
fclose
_close
_getpid
_wchmod
_open_osfhandle
_getdrive
_wgetdcwd
feof
?terminate@@YAXXZ
_errno
_fileno
_get_osfhandle
_gmtime64_s
_localtime64_s
_mktime64
__iob_func
fprintf
fflush
exit
getenv_s
rand
??0exception@std@@QAE@ABQBDH@Z
strcpy_s
_clearfp
_control87
_tzset
_get_tzname
isspace
isdigit
isalpha
isupper
strncmp
_lseeki64
_ftelli64
strchr
_waccess
_purecall
memchr
memmove
??_V@YAXPAX@Z
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
realloc
free
atoi
memset
_CxxThrowException
??3@YAXPAX@Z
malloc
__CxxFrameHandler3
__set_app_type
_encode_pointer
__setusermatherr
__p__commode
_filelengthi64
_adjust_fdiv
__p__fmode

ws2_32

WSAAsyncSelect

user32

TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
DestroyWindow
UnregisterClassW
RegisterClassW
CreateWindowExW
SetWindowLongW
MsgWaitForMultipleObjectsEx
DefWindowProcW
KillTimer
GetQueueStatus
CallNextHookEx
SetTimer
PostMessageW
PeekMessageW
CharNextExA
GetWindowLongW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegFlushKey
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
OpenProcessToken
RegEnumValueW
RegEnumKeyExW
GetTokenInformation
RegSetValueExW

Sections

.text
Size: 688KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c199d893fcaaf7dfc9211b8b448f621f

Headers

File Characteristics

Imports

ole32

kernel32

msvcp80

msvcr80

ws2_32

user32

advapi32

Sections

.text Size: 688KB - Virtual size: 684KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 688KB - Virtual size: 684KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 3KB