fc2b99fdf9d94bc540f5839419c320ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc2b99fdf9d94bc540f5839419c320ff_JaffaCakes118
Size

212KB
MD5

fc2b99fdf9d94bc540f5839419c320ff
SHA1

02cd991a6eed6e89b613003d471c4f9b6ae08b38
SHA256

b6e67ca37e9914916b03048b23b7b42f747c16757ba8b2382019e4320cf49f17
SHA512

cddb6274a33e393005ff5cc523463ef5c77aec8a463832790e249acbb7f4132fe037a1e2f4a4777231c2b89a2f9c8545b2100329af90e9473d203b48405eb91a
SSDEEP

3072:lRWN+GlTQ/hKvGqlsdwUtD2+2/XInG+wHtk6VMca+9y3yaZjYnM1o:lRWN+VZhYsdwyDoXsB6JVjS3g2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc2b99fdf9d94bc540f5839419c320ff_JaffaCakes118

Files

fc2b99fdf9d94bc540f5839419c320ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a7aacbf8ae044b36b28fdfa5f528293

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

abs
memcpy
strcat
sprintf
strlen
strncpy
isdigit
strstr
_strnicmp
rand
atol
strcmp
_ftol
free
malloc
_access
srand
strchr
_controlfp
_except_handler3
??1type_info@@UAE@XZ
_strupr
_strlwr
_chmod
_itoa
_stricmp
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
realloc
memchr
memcmp
memmove
memset
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
strncmp
strrchr
exit
time
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
strcpy
atof
sscanf
strcspn
atoi
printf
_chdrive
_chdir

kernel32

CreateEventA
GlobalFree
GlobalUnlock
GetModuleHandleA
OutputDebugStringA
GetTickCount
lstrlenA
lstrcatA
Sleep
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceA
lstrcpyA
CopyFileA
CloseHandle
ReadFile
CreateFileA
GetTempPathA
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
GetLastError
DeleteFileA
GetModuleFileNameA
RemoveDirectoryA
lstrcmpiA
GetLocalTime
GetStartupInfoA
InterlockedExchange
GlobalLock
GlobalAlloc
LocalFree
LocalAlloc
WaitForSingleObject
GetProcAddress
WriteFile
GetWindowsDirectoryA
FormatMessageA
GetFileSize
MultiByteToWideChar
CreateDirectoryA
GetCurrentProcess
TerminateProcess
OpenProcess
GetTempFileNameA
InterlockedDecrement
RaiseException
GetVersionExA
SetEvent
CreateThread
ExitThread
ResetEvent

user32

ScreenToClient
GetClientRect
IsWindowVisible
GetActiveWindow
DefWindowProcA
EnableMenuItem
LoadCursorA
RegisterClassExA
FindWindowA
CreateWindowExA
CharLowerA
GetMessageA
EndPaint
TranslateMessage
DispatchMessageA
LoadAcceleratorsA
GetDesktopWindow
GetMenu
SetMenu
UpdateWindow
CreateDialogParamA
GetWindowRect
IsIconic
ReleaseDC
GetDC
GetParent
LoadStringA
DestroyWindow
SetWindowPos
SetCursor
InvalidateRect
SetWindowLongA
IsWindow
GetWindowLongA
CallWindowProcA
BeginPaint
LoadImageA
TranslateAcceleratorA
LoadMenuA
PostQuitMessage
GetCursorPos
GetSubMenu
TrackPopupMenuEx
DestroyMenu
MoveWindow
LoadIconA
EnableWindow
SetFocus
FillRect
GetWindowTextA
SetWindowTextA
RedrawWindow
MapWindowPoints
PostMessageA
GetAsyncKeyState
KillTimer
SendMessageA
MessageBoxA
GetDlgItem
SetDlgItemTextA
SystemParametersInfoA
ShowWindow
SetTimer
EndDialog
DialogBoxParamA
SetForegroundWindow
GetWindowThreadProcessId
PeekMessageA
GetDlgCtrlID

gdi32

SelectPalette
SetTextColor
CreateFontA
CreateSolidBrush
SetBkColor
GetDIBColorTable
CreatePalette
DeleteObject
RealizePalette
GetObjectA
StretchBlt
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

CryptDestroyKey
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegConnectRegistryA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CryptReleaseContext
CryptEncrypt
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDecrypt

shell32

ShellExecuteA
Shell_NotifyIconA

urlmon

URLDownloadToFileA
URLDownloadToCacheFileA

wininet

InternetCrackUrlA
InternetQueryDataAvailable
InternetReadFile
InternetSetStatusCallback
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetGetConnectedState
HttpQueryInfoA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ole32

CoCreateInstance
CoInitialize
CLSIDFromString
CoUninitialize

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString

Sections

pec1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a7aacbf8ae044b36b28fdfa5f528293

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shell32

urlmon

wininet

version

ole32

oleaut32

Sections

pec1 Size: 128KB - Virtual size: 128KB

.rsrc Size: 60KB - Virtual size: 60KB

.pec Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

pec1
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 60KB - Virtual size: 60KB

.pec
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB