bc1485c8d814891759bf4405d17451ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bc1485c8d814891759bf4405d17451ad_JaffaCakes118
Size

866KB
MD5

bc1485c8d814891759bf4405d17451ad
SHA1

91e6e93bb0438831674babf9c8d890cd7b4015cc
SHA256

41c50d359810afb302be2e1bae93266d74bfa1f343f2b005cf678979a5ccbe6c
SHA512

92699c87c8694b25abfec53c1a40e5bfcfe54b8acf94a0c965759952f18c5ac7fd78e8c9ee54ce77b4dfc3d5a9a54329cd22af03ebc8dc724b1a16d92319e4be
SSDEEP

24576:ldRqBHyvLtZ546zEMgMIXWJ0w4f1SmJM:JWH0HrgMomiiV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc1485c8d814891759bf4405d17451ad_JaffaCakes118

Files

bc1485c8d814891759bf4405d17451ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1476c0e9ea076e09e7a9a0a837ce1738

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
islower
??0fstream@@QAE@H@Z
setbuf
?width@ios@@QAEHH@Z
_cprintf
labs
_cputs
_futime
_heapadd
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
?seekp@ostream@@QAEAAV1@J@Z
fgetc
??_Gbad_cast@@UAEPAXI@Z
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
time
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
vwprintf
_mbscat
_ltoa
?unbuffered@streambuf@@IBEHXZ
_iob
wcstok
_mbsnicmp
_isctype
_exit
?setmode@fstream@@QAEHH@Z
?osfx@ostream@@QAEXXZ
_mbctombb
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
_heapwalk
__mb_cur_max
?_query_new_handler@@YAP6AHI@ZXZ
?fd@ofstream@@QBEHXZ
??0stdiostream@@QAE@PAU_iobuf@@@Z
_lrotl
??4istream@@IAEAAV0@PAVstreambuf@@@Z
_mbsicmp
?get@istream@@QAEAAV1@PADHD@Z
ldiv

msvcrt

_write
_lseek
_adj_fdiv_r
__getmainargs
_wfindnext64
_wspawnlpe
getchar
_fstati64
iswdigit
exit
_i64toa
__RTtypeid
fgets
_open
??3@YAXPAX@Z
??0exception@@QAE@ABQBD@Z
wcscmp
_wsystem
memcpy
__set_app_type
_wutime
_wfindnext
bsearch
pow
strtok
_statusfp
_pgmptr
_vsnwprintf
_stati64
fputs
_putch
??4exception@@QAEAAV0@ABV0@@Z
??0bad_cast@@AAE@PBQBD@Z
_abnormal_termination
_getcwd
__p__commode
_wfreopen

kernel32

FindVolumeMountPointClose
lstrcmpi
FindNextChangeNotification
GlobalHandle
GetUserDefaultLCID
ResetEvent
SetThreadUILanguage
GetPrivateProfileSectionNamesW
GetLocaleInfoW
FindFirstFileExA
VirtualAlloc
GetFileSizeEx
GlobalFindAtomA
DebugBreak
DeleteCriticalSection
LoadLibraryA
GetLocalTime
GetProcessHeaps
GetSystemWindowsDirectoryA
GetSystemTime
InterlockedExchange
WritePrivateProfileStructW
RequestDeviceWakeup
GetLastError
CreateJobObjectA
GetConsoleAliasExesA
SetCommTimeouts
GetVersion
GetConsoleFontSize
EnumDateFormatsExW
ReplaceFile
GetConsoleWindow
FreeEnvironmentStringsW
HeapValidate
GetSystemDirectoryW
FlushViewOfFile

dhcpcsvc

DhcpDeRegisterParamChange
DhcpAcquireParameters
DhcpOpenGlobalEvent
DhcpLeaseIpAddressEx
DhcpUndoRequestParams
DhcpDeRegisterOptions
DhcpStaticRefreshParams
DhcpReleaseIpAddressLease
DhcpRenewIpAddressLeaseEx
DhcpRequestParams
McastRenewAddress
McastApiCleanup
DhcpReleaseParameters
DhcpCApiInitialize
DhcpReleaseIpAddressLeaseEx
McastEnumerateScopes
McastApiStartup
DhcpLeaseIpAddress
DhcpNotifyConfigChange
DhcpRenewIpAddressLease
DhcpRegisterParamChange
DhcpCApiCleanup
McastGenUID
DhcpFallbackRefreshParams
DhcpNotifyConfigChangeEx
DhcpRemoveDNSRegistrations
DhcpRegisterOptions
DhcpAcquireParametersByBroadcast
DhcpEnumClasses
McastRequestAddress
DhcpPersistentRequestParams
McastReleaseAddress
DhcpDelPersistentRequestParams
DhcpRequestOptions
DhcpHandlePnPEvent

winscard

SCardDisconnect
SCardListInterfacesW
SCardReconnect
SCardRemoveReaderFromGroupA
SCardSetAttrib
SCardGetCardTypeProviderNameA
SCardState
SCardListReadersA
SCardTransmit
SCardEstablishContext
SCardForgetCardTypeW
g_rgSCardRawPci
SCardAccessStartedEvent
SCardGetProviderIdW
SCardAccessNewReaderEvent
SCardSetCardTypeProviderNameW
SCardFreeMemory
SCardLocateCardsW
SCardAddReaderToGroupW
SCardLocateCardsByATRW
ClassInstall32
SCardIntroduceReaderGroupA
SCardIntroduceCardTypeA
SCardForgetReaderGroupA
SCardEndTransaction
SCardListReaderGroupsW
SCardGetProviderIdA
SCardForgetReaderA
SCardLocateCardsByATRA
SCardForgetReaderW
SCardIntroduceCardTypeW
SCardReleaseNewReaderEvent
SCardReleaseStartedEvent
SCardCancel
SCardSetCardTypeProviderNameA
SCardForgetCardTypeA
SCardForgetReaderGroupW
SCardListCardsW
SCardGetStatusChangeA
SCardGetAttrib
SCardLocateCardsA
SCardControl

ntdll

_strcmpi
ZwLoadKey
ceil
log
NtWriteVirtualMemory
RtlFindSetBitsAndClear
NtWriteRequestData
LdrLoadAlternateResourceModule
RtlSubAuthoritySid
_fltused
RtlCreateProcessParameters
RtlWalkHeap
RtlLargeIntegerSubtract
RtlUnicodeStringToOemSize
RtlGetLongestNtPathLength
RtlGetElementGenericTable
ZwReplyWaitReceivePort
NtQuerySection
NtCompactKeys
isupper
ZwQueryMultipleValueKey
ZwCloseObjectAuditAlarm
ZwTestAlert
RtlIsValidHandle
NtPowerInformation
RtlActivateActivationContextEx
RtlQueryTagHeap
NtQueryMutant
_splitpath
NtOpenProcessToken
wcscmp
NtQueryPerformanceCounter
RtlInt64ToUnicodeString
_strlwr

user32

EndDialog
MessageBoxA

shell32

SHGetMalloc

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1476c0e9ea076e09e7a9a0a837ce1738

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

msvcrt

kernel32

dhcpcsvc

winscard

ntdll

user32

shell32

Sections

.text Size: 370KB - Virtual size: 370KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 288KB - Virtual size: 1.7MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 370KB - Virtual size: 370KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 288KB - Virtual size: 1.7MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B