bc29f12d8dad29f53b1762d0bb8887c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc29f12d8dad29f53b1762d0bb8887c6_JaffaCakes118
Size

612KB
MD5

bc29f12d8dad29f53b1762d0bb8887c6
SHA1

f78dd9fda0bee045cc62d6fd2a52d0e964abe6a2
SHA256

08bb9a7dd634e07548beb136163e1b98edc672c3542582c18982a144a534efd1
SHA512

11edfce0a24b846c7d7dd0da22b4b834453ff104b447d9eeab36fb4c273205ddcdb1a29808da5ec557ba95fafa03c83b995a8f6c9eec0fb90c4c3005ead0cdca
SSDEEP

12288:9FCIaCuKGaZidDJfPHXMDFQBv5ITnZtu15XSeikGLNrs/G2:HCpC6aZa1HXBTI05ieikAs/G2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc29f12d8dad29f53b1762d0bb8887c6_JaffaCakes118

Files

bc29f12d8dad29f53b1762d0bb8887c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07965f195113a07bb0350ffc54142e64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\obhrzonkld\cekibjue\mzf\comsee.pdb

Imports

wininet

InternetCombineUrlA
InternetQueryDataAvailable
ShowClientAuthCerts
InternetReadFile
HttpOpenRequestA
SetUrlCacheConfigInfoA

kernel32

FreeEnvironmentStringsW
IsDebuggerPresent
FlushFileBuffers
VirtualQuery
MoveFileW
FlushInstructionCache
SetEnvironmentVariableA
GetCurrentThread
TlsFree
GetACP
GetLastError
WriteConsoleOutputA
VirtualUnlock
GetPrivateProfileSectionNamesW
IsValidLocale
ConvertDefaultLocale
ReleaseMutex
TlsAlloc
SetEnvironmentVariableW
GetFullPathNameW
GetAtomNameW
Sleep
GetEnvironmentStringsW
FreeEnvironmentStringsA
lstrlenA
EnumTimeFormatsA
HeapDestroy
SetConsoleCtrlHandler
GlobalDeleteAtom
lstrcmpW
EnumTimeFormatsW
GetVersionExA
VirtualAlloc
GetThreadContext
TerminateThread
GetEnvironmentStrings
GetModuleHandleA
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetConsoleCP
CreateMailslotA
CreateFileA
EnumCalendarInfoExW
TlsGetValue
WideCharToMultiByte
GetProcAddress
OpenEventW
InterlockedDecrement
SuspendThread
SetConsoleTitleW
ExitProcess
SetTimeZoneInformation
CreateEventW
LoadLibraryA
GetWindowsDirectoryW
IsValidCodePage
HeapCreate
GetCurrentThreadId
GetModuleFileNameW
VirtualFree
InitializeCriticalSection
GetProfileSectionW
HeapAlloc
GetProcAddress
GetStringTypeA
WriteConsoleW
SleepEx
GetProcessHeap
WaitCommEvent
LoadLibraryExA
OpenFileMappingW
SetStdHandle
ReadFileEx
VirtualQueryEx
CompareStringW
FindAtomA
LeaveCriticalSection
GetCurrentProcessId
SetFileAttributesA
OpenFileMappingA
WriteFile
ReadFile
GetConsoleMode
OpenWaitableTimerA
QueryPerformanceCounter
HeapFree
GetNumberFormatA
FoldStringA
LCMapStringA
EnterCriticalSection
CreateMutexA
LocalFileTimeToFileTime
EnumSystemLocalesA
CloseHandle
GetStartupInfoA
GetLongPathNameW
GetProfileStringA
GetLocaleInfoW
GetStdHandle
GetModuleFileNameA
GetConsoleOutputCP
GetCurrentProcess
GetDateFormatA
GetTickCount
MultiByteToWideChar
FindResourceA
SetThreadIdealProcessor
GetUserDefaultLCID
HeapSize
GetLogicalDriveStringsA
WriteConsoleOutputAttribute
CommConfigDialogW
GetDiskFreeSpaceA
GetPrivateProfileStringW
LoadResource
SetLastError
SetThreadPriority
GetLocaleInfoA
RtlUnwind
LocalHandle
GetTimeZoneInformation
InterlockedExchange
OpenMutexA
InterlockedIncrement
GetCurrentDirectoryA
GlobalGetAtomNameW
GetDriveTypeA
UnhandledExceptionFilter
GetOEMCP
TlsSetValue
GetCommandLineA
SetFilePointer
DuplicateHandle
WriteProfileStringA
MoveFileA
EnumSystemLocalesW
WriteConsoleA
GetFileType
WriteConsoleOutputCharacterA
TerminateProcess
SetComputerNameA
DebugBreak
GetCPInfo
DeleteCriticalSection
WaitNamedPipeW
GetTimeFormatA
CompareStringA
SetHandleCount
FreeLibrary
LCMapStringW
WaitForSingleObjectEx
SetUnhandledExceptionFilter

shell32

SheChangeDirExW

gdi32

SetBitmapDimensionEx
RestoreDC
EndPage
GetOutlineTextMetricsW
ModifyWorldTransform
GetMiterLimit

advapi32

RegLoadKeyW
RegOpenKeyA
CryptGetDefaultProviderW
RegOpenKeyExW
RegFlushKey
GetUserNameW
GetUserNameA
RegQueryValueW
LookupPrivilegeValueW
RegQueryValueExA
CryptReleaseContext
CryptHashData
RegCreateKeyExW
CryptDuplicateKey
RegQueryValueExW
CryptCreateHash
RegOpenKeyW

user32

DlgDirSelectExW
RegisterClassA
GetSysColorBrush
SetMenu
GetKeyboardState
CheckMenuRadioItem
GetCaretBlinkTime
RealGetWindowClass
ShowWindow
CopyAcceleratorTableA
GetCapture
VkKeyScanW
DestroyWindow
VkKeyScanExW
DestroyIcon
InflateRect
DdeCreateDataHandle
SendMessageTimeoutW
IsCharAlphaNumericW
CreateWindowExW
RegisterClassExA
TileChildWindows
ModifyMenuW
ChangeClipboardChain
ShowCaret
WaitForInputIdle
SetClassLongW
SetProcessWindowStation
DrawFrame
LoadMenuIndirectA
EnumChildWindows
SetPropA
ArrangeIconicWindows
DefWindowProcW
MessageBoxW

comctl32

DrawStatusTextW
ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_GetIcon
ImageList_Create
InitCommonControlsEx

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07965f195113a07bb0350ffc54142e64

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

shell32

gdi32

advapi32

user32

comctl32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 268KB - Virtual size: 266KB

.data Size: 116KB - Virtual size: 138KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 268KB - Virtual size: 266KB

.data
Size: 116KB - Virtual size: 138KB

.rsrc
Size: 48KB - Virtual size: 47KB