fb8e774f913819c8de204e0c2f71d278_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb8e774f913819c8de204e0c2f71d278_JaffaCakes118
Size

228KB
MD5

fb8e774f913819c8de204e0c2f71d278
SHA1

37f047b52c881024dcc13d61222c0939e2a37b3b
SHA256

0bbb565e914019c99928e852bf7ac436234090a244c137ba16e23f6c0ab30bb3
SHA512

52a7a44d57fd0776ffdbe52105b9d77e19eb42658a8b42d1a6b31db72145980836889f99f43287aeeef9820ee3dd6991fb4de051e711d77cbe118ba69ff0a4f8
SSDEEP

6144:82Q6bvV40ndsPt60Nlnt5IwcDR+2GC4Vqw3JT:82QO40nc1gwTC4ZT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb8e774f913819c8de204e0c2f71d278_JaffaCakes118

Files

fb8e774f913819c8de204e0c2f71d278_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cde6abf4616ceadf36ff586704f08a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CreateThread
WaitForSingleObject
Sleep
GetModuleHandleW
lstrcpynW
MoveFileW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpyW
GetStartupInfoA
GetModuleHandleA
VirtualFreeEx
CreateProcessW
GetCurrentProcess
DuplicateHandle
TerminateProcess
lstrcmpA
ReadProcessMemory
GetExitCodeThread
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
FindResourceExW
LoadResource
LockResource
SizeofResource
lstrlenA
lstrcpyA
FormatMessageW
LocalAlloc
LocalFree
FindFirstFileW
FindNextFileW
FindClose
SetFileAttributesW
GetFileSize
WriteFile
ReadFile
CreateFileW
lstrlenW
lstrcatW
lstrcmpW
GetComputerNameW
GetModuleFileNameW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
CloseHandle
OpenProcess
GetLastError
GetLocaleInfoW

user32

wsprintfA
wsprintfW
IsCharAlphaW
GetWindowTextLengthW
EnumWindowStationsW
GetWindowTextW
EnumDesktopsW
OpenWindowStationW
CloseDesktop
EnumDesktopWindows
OpenDesktopW
GetWindowThreadProcessId

shlwapi

StrCpyNW
StrCmpIW
StrStrIW
StrNCatW
StrCmpW
StrStrW
StrChrW

shfolder

SHGetFolderPathW

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1_Lockit@std@@QAE@XZ

msvcrt

_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
free
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
__getmainargs
atoi
memcpy
strlen
_CxxThrowException
memset
_ftol
cos
??2@YAPAXI@Z
__CxxFrameHandler
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp

advapi32

RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW

wininet

HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetCrackUrlW
HttpSendRequestW
InternetCloseHandle

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExW
GetModuleBaseNameW

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cde6abf4616ceadf36ff586704f08a7

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shfolder

msvcp60

msvcrt

advapi32

wininet

psapi

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 121KB - Virtual size: 120KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 121KB - Virtual size: 120KB