03f45e0b9f6a90cd604e4a511112eff2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03f45e0b9f6a90cd604e4a511112eff2_JaffaCakes118
Size

36KB
MD5

03f45e0b9f6a90cd604e4a511112eff2
SHA1

8fce4798ff59ec840a1a87bf3d1a4723f8d1afcd
SHA256

db1c7a6b6e3d71c5ad8e19d3e8b0a3b30429d26297f29a7a5a9207edac38a8c9
SHA512

5d565c0571448680f01e4b0f519309c97cde08e1be85b59058ec407408ee74a5affddc0905a94f95b30d7838215be2a4d3fc02eac7140c43bcff4554b02d6dc2
SSDEEP

384:GCRaqcrXNr+0FaGYq4EVtN7liG/ZU52z/ZKx9c61giHOfe2huUCxbXXVVVau:rYqMh5LYA3NQG/iYz/N8g2OfYlbUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f45e0b9f6a90cd604e4a511112eff2_JaffaCakes118

Files

03f45e0b9f6a90cd604e4a511112eff2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a35c3d420b3986da16cc53e2789ae444

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

irismon

??0CSSCommonCore@@QAE@XZ
?GetRegRoot@CSSCommonCore@@QAEHPAD@Z
?GetRegRootBHO@CSSCommonCore@@QAEHPAD@Z
?GetRegRootUpdater@CSSCommonCore@@QAEHPAD@Z
?GetContactHost@CSSCommonCore@@QAEHPADAAI@Z
?GetBHOAppPath@CSSCommonCore@@QAEHPAD@Z
?GetBHOAppPathDefault@CSSCommonCore@@QAEHPAD@Z

mfc42

ord3810
ord2393
ord6407
ord537
ord398
ord700
ord858
ord913
ord5856
ord5594
ord1083
ord4189
ord2813
ord5356
ord5207
ord389
ord5353
ord2915
ord533
ord800
ord350
ord5194
ord1997
ord798
ord3663
ord773
ord3616
ord3127
ord5651
ord268
ord823
ord1099
ord1567
ord825
ord860
ord2919
ord5572
ord3790
ord2818
ord941
ord939
ord540
ord501
ord3702
ord3229

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
memmove
strtok
wcscmp
wcstombs
printf
strncat
_snprintf
_spawnl
time
__CxxFrameHandler
_mbscmp
wcsncmp

kernel32

LoadLibraryA
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetProcAddress
WriteFile
CreateFileA
GetModuleHandleA
GetStartupInfoA
FreeLibrary
GetVersionExA
MoveFileExA
GetShortPathNameA
WritePrivateProfileStringA
DeleteFileA
GetModuleFileNameA
GetWindowsDirectoryA
GetTempPathA
lstrlenA
CloseHandle
GetTempFileNameA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a35c3d420b3986da16cc53e2789ae444

Headers

File Characteristics

Imports

irismon

mfc42

msvcrt

kernel32

advapi32

msvcp60

ole32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB