178cde9c67f2c439c0dcec738b23b1ae_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

178cde9c67f2c439c0dcec738b23b1ae_JaffaCakes118
Size

10KB
MD5

178cde9c67f2c439c0dcec738b23b1ae
SHA1

f145d6ad18e1f1cd027c3f35c1abad68631481a3
SHA256

0a3d3b57fb4d8f3a8d7d0785e871100b23eb226735cb3dfa13b459b91c463233
SHA512

bc0edd0cd70e18528470d8aa5c0dbcbaa2ffcd21e9ce53a91a067058758dc8a4871d21a1710e90d2377f4416b502ed65088bad0e64dbd1bc60c70e26ecedad43
SSDEEP

192:pF14Vom4PTFO4IoskWS2gGeQqo+pUblQDVSvzJQhbjpBS1mbDAVlDR:psVom4bFO3ZPgEdZQDVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
178cde9c67f2c439c0dcec738b23b1ae_JaffaCakes118

Files

178cde9c67f2c439c0dcec738b23b1ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89a6fe5e00dbfb16fdcad177c42e9626

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateThread
CreateMutexA
GetWindowsDirectoryA
GetTempPathA
GetSystemDirectoryA
Sleep
FreeLibrary
GetModuleFileNameA
GetVersionExA
lstrcmpiA
SetFileAttributesA
DeleteFileA
lstrcatA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetCurrentProcess
WinExec

urlmon

URLDownloadToCacheFileA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

wininet

DeleteUrlCacheEntry

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

msvcrt

strcat
_onexit
__dllonexit
memcpy
memset
malloc
strchr
strlen
strcpy
sprintf
_itoa
_stricmp
strrchr
__CxxFrameHandler
atoi
fread
fclose
fwrite
fopen

Sections

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89a6fe5e00dbfb16fdcad177c42e9626

Headers

File Characteristics

Imports

kernel32

urlmon

advapi32

wininet

msvcp60

msvcrt

Sections

.data Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 8B

.data
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 8B