14308317b783332242d83c502a449390_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14308317b783332242d83c502a449390_JaffaCakes118
Size

97KB
MD5

14308317b783332242d83c502a449390
SHA1

df550ca474b488cc8b25193956c48ceba73ff998
SHA256

baa9f2ce65cce875df278be39e25559ef12e8969af8d938b8b1ed20f95abdfd5
SHA512

921cd4753d3f79df7e221650d110dcdb0d1eab313617f1ac7d35075e146e7534ca9b73f94d460dca40cfcd9b8ce0cfd9fbd41eb46be1a28bbf8a45ce76cf7413
SSDEEP

1536:gpvqBX+OoBDTMHYWmBMUtQMxm3F4rNtrxgicrB533g52tkOWn1:kvAX7o3M4WmBMUtdjKiz52tkO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14308317b783332242d83c502a449390_JaffaCakes118

Files

14308317b783332242d83c502a449390_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b2543c7dc60de2c2e0a79066dbf9722

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_controlfp
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
malloc
strncmp
srand
strrchr
strlen
strncpy
sprintf
strstr
_strnicmp
isdigit
atol
strcmp
rand
memmove
memcpy
abs
__CxxFrameHandler
??1type_info@@UAE@XZ
_strupr
_strlwr
_chmod
memset
_itoa
_stricmp
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_ftol
strchr
_access
time
exit
free
memcmp
memchr
??3@YAXPAX@Z
??2@YAPAXI@Z
sscanf
atoi
strcat
strcpy
_chdrive
strcspn
_chdir
printf

kernel32

lstrcmpiA
InterlockedDecrement
GetModuleHandleA
GetTickCount
OutputDebugStringA
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceA
Sleep
CloseHandle
ReadFile
CreateFileA
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
GetLastError
DeleteFileA
RemoveDirectoryA
CopyFileA
GetModuleFileNameA
GetLocalTime
GetStartupInfoA
RaiseException
InterlockedExchange
GetCurrentProcess
CreateEventA
SetEvent
CreateThread
ExitThread
ResetEvent
GetFileSize
FormatMessageA
lstrcpyA
GetTempPathA
GetTempFileNameA
lstrlenA
OpenProcess
TerminateProcess
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
LocalAlloc
WaitForSingleObject
GetWindowsDirectoryA
WriteFile
GlobalUnlock
GlobalFree
LocalFree
GlobalAlloc
GlobalLock

user32

DestroyMenu
SetWindowTextA
PostMessageA
GetWindowTextA
GetAsyncKeyState
SetFocus
EnableWindow
LoadIconA
RegisterClassExA
TrackPopupMenuEx
EnableMenuItem
GetSubMenu
CreateDialogParamA
GetCursorPos
GetActiveWindow
PostQuitMessage
DefWindowProcA
RedrawWindow
KillTimer
SendMessageA
MessageBoxA
GetDlgItem
SetDlgItemTextA
ShowWindow
SetTimer
EndDialog
DialogBoxParamA
SetForegroundWindow
SetWindowPos
DestroyWindow
LoadStringA
GetParent
GetDC
ReleaseDC
IsIconic
GetWindowRect
ScreenToClient
GetClientRect
IsWindowVisible
BeginPaint
EndPaint
InvalidateRect
SetWindowLongA
IsWindow
GetWindowLongA
GetWindowThreadProcessId
PeekMessageA
GetDlgCtrlID
SetCursor
LoadCursorA
GetMessageA
FindWindowA
CreateWindowExA
DispatchMessageA
TranslateAcceleratorA
TranslateMessage
UpdateWindow
LoadAcceleratorsA
GetDesktopWindow
LoadMenuA
LoadImageA
CallWindowProcA

gdi32

CreateCompatibleDC
RealizePalette
DeleteDC
BitBlt
SelectObject
StretchBlt
GetObjectA
DeleteObject
SelectPalette
CreatePalette
GetDIBColorTable
CreateFontA

advapi32

LookupPrivilegeValueA
CryptDecrypt
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegConnectRegistryA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

wininet

InternetReadFile
InternetQueryDataAvailable
InternetCrackUrlA
InternetGetConnectedState
InternetSetStatusCallback
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoUninitialize
CLSIDFromString
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

pec1
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b2543c7dc60de2c2e0a79066dbf9722

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shell32

urlmon

wininet

version

ole32

oleaut32

Sections

pec1 Size: 116KB - Virtual size: 116KB

.rsrc Size: 64KB - Virtual size: 64KB

.rsrc Size: 4KB - Virtual size: 4KB

pec1
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 4KB - Virtual size: 4KB