Static task: static1
Behavioral task: behavioral1
Sample: 10f2dbc065a9cb105cbdf77cb827d1c8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 10f2dbc065a9cb105cbdf77cb827d1c8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 10f2dbc065a9cb105cbdf77cb827d1c8_JaffaCakes118
Size: 148KB
MD5: 10f2dbc065a9cb105cbdf77cb827d1c8
SHA1: 64d02e73acc878b2a9f963b18916955a14ece0db
SHA256: c4ad47e2de8e882fe4d63973514e87c982af97e0fc1bc8cf408ff496a1b3bb4c
SHA512: ed42aeb5a8b697c5ada04635a66164361777b9c4412009f48482b4bf8a7522bae1f3056dcc20a6bc137c4aa22c09e2e735faa3ffd585889bb12c287af311923e
SSDEEP: 3072:lE1XW1/DwGFkIk7r0kRJeXRA/0/EocDtyJnMVvi7YCFBoTxM:azb+RA/0WyJnovi7PFBou
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 10f2dbc065a9cb105cbdf77cb827d1c8_JaffaCakes118
Files
10f2dbc065a9cb105cbdf77cb827d1c8_JaffaCakes118.exe windows:4 windows x86 arch:x86
47ffd4e7f96a23eac8c42fb33edc54c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc71
msvcr71
_strlwr
_stricmp
_setmbcp
_except_handler3
_purecall
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
memset
toupper
_mbsicmp
memmove
??0exception@@QAE@XZ
??1exception@@UAE@XZ
fopen
fclose
_beginthreadex
_CxxThrowException
??0exception@@QAE@ABV0@@Z
strncat
free
malloc
strrchr
strstr
__set_app_type
_controlfp
__CxxFrameHandler
sprintf
strncpy
fread
kernel32
InterlockedExchange
CreateMutexA
GetLastError
ExitProcess
FreeLibrary
LoadLibraryA
GetProcAddress
CreateProcessA
WaitForSingleObject
CloseHandle
GetCommandLineA
CreateFileA
WriteFile
GetCurrentThreadId
IsBadReadPtr
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
SetEvent
InitializeCriticalSection
DeleteCriticalSection
GetVersion
TerminateThread
WinExec
Sleep
WaitForMultipleObjects
SetLastError
OpenEventA
CreateEventA
SetProcessWorkingSetSize
GetCurrentProcess
GetLocalTime
GetFileAttributesA
FindClose
FindNextFileA
OpenProcess
GetTickCount
FindFirstFileA
user32
IsMenu
SetMenuItemInfoA
GetClassNameA
GetMenuItemCount
GetMenuItemRect
GetPropA
SetPropA
RemovePropA
GetSysColor
SystemParametersInfoA
GetSystemMenu
GetMenu
SendMessageA
OffsetRect
CopyRect
GetMenuItemInfoA
DrawStateA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsRectEmpty
RegisterWindowMessageA
GetCursorPos
SetForegroundWindow
SetMenuDefaultItem
DestroyIcon
LoadStringA
LoadIconA
LoadMenuA
ModifyMenuA
GetSubMenu
LoadBitmapA
UpdateWindow
SetRectEmpty
gdi32
GetTextExtentPoint32A
Rectangle
Ellipse
GetPixel
SetPixel
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
CreateSolidBrush
CreatePen
GetTextColor
GetStockObject
GetCurrentObject
GetObjectA
CreateFontIndirectA
DeleteObject
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetTextMetricsA
advapi32
InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
SetSecurityDescriptorDacl
shell32
ShellExecuteA
Shell_NotifyIconA
comctl32
ImageList_Draw
ImageList_AddMasked
ImageList_GetIcon
msvcp71
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
Sections
.text Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ