bc5ec0845a26d2c48c3e3cd5ece544a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc5ec0845a26d2c48c3e3cd5ece544a4_JaffaCakes118
Size

572KB
MD5

bc5ec0845a26d2c48c3e3cd5ece544a4
SHA1

065df516dbf980f91d22e0abf33c3bd279867bcc
SHA256

23ef8f5751142bd3cc202a09884cb808015a3c927e82e02d9fb7955edc7348dd
SHA512

fdd8262b787447e2742ac54b3cf2d7f5809db5450b5ff654e97e5c0886d60dee5c7ee7b7139f09f4c4701ee766ddacd12f613ee8d3d9a42b38dd452393e1185e
SSDEEP

12288:Pr4BlQROcj02bgXdqslJ9t/kf6iK5ya7JSgrOd5d/dZaq:UBlQwG0LXdqslJD/ZiRgydLlZl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc5ec0845a26d2c48c3e3cd5ece544a4_JaffaCakes118

Files

bc5ec0845a26d2c48c3e3cd5ece544a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

223a9a0d9b2fc8fff603a91c9bea5a77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellHookProc

wininet

HttpAddRequestHeadersA
FindNextUrlCacheEntryW
InternetAutodial
FtpRemoveDirectoryW
InternetTimeFromSystemTimeW
DeleteUrlCacheContainerA
CommitUrlCacheEntryA

user32

HideCaret
CallWindowProcA
IsWindowEnabled
RegisterClassA
SetWindowLongA
GetScrollRange
CharNextW
IsCharAlphaNumericW
LookupIconIdFromDirectoryEx
SetPropW
SetWindowsHookExW
ShowWindowAsync
EndTask
GetClassInfoExA
IsCharUpperW
CloseDesktop
RegisterClassExA
GetKeyboardLayoutNameA
SetClassLongW
SetCursor
UnhookWindowsHookEx
UnregisterDeviceNotification

gdi32

GetCharacterPlacementW
GetCharWidth32W
GetStockObject
CreateCompatibleBitmap
StretchBlt
EnumFontFamiliesW
GetNearestColor
OffsetRgn
CopyMetaFileA
CreatePolygonRgn
GetWorldTransform
GetTextExtentPoint32W
DeviceCapabilitiesExA
SetDIBColorTable
CreateICA
PolyBezierTo
SetBoundsRect
CreateDIBSection
SetPaletteEntries
Pie

comctl32

InitCommonControlsEx

comdlg32

PageSetupDlgW
PageSetupDlgA
ChooseColorA

kernel32

GetOEMCP
GetProcessHeap
GetCurrentThreadId
GetTimeFormatA
FreeLibrary
GetACP
IsDebuggerPresent
EnterCriticalSection
GetConsoleOutputCP
GetModuleFileNameW
InterlockedIncrement
TlsAlloc
GetCurrentThread
GetEnvironmentStringsW
LocalFree
GetFileType
GetCommandLineA
LCMapStringW
WideCharToMultiByte
InterlockedExchange
FlushFileBuffers
HeapFree
FreeEnvironmentStringsA
TlsSetValue
Sleep
HeapSize
HeapReAlloc
SetEnvironmentVariableA
MultiByteToWideChar
GetStartupInfoW
GetCPInfo
GetLastError
GetStringTypeW
CreateMutexA
TerminateProcess
GetDateFormatA
EnumSystemLocalesA
ReadFile
GetTimeZoneInformation
GetCommandLineW
SetUnhandledExceptionFilter
CloseHandle
GetConsoleCP
SetFilePointer
DeleteCriticalSection
GetStringTypeA
GetEnvironmentStrings
GetTickCount
OpenMutexA
DeleteFileA
GetModuleFileNameA
GetUserDefaultLCID
TlsGetValue
HeapCreate
GetModuleHandleA
SetHandleCount
LCMapStringA
GetLocaleInfoA
WriteConsoleA
WriteConsoleW
GetCurrentProcess
GetLocaleInfoW
QueryPerformanceCounter
TlsFree
GetProcAddress
UnhandledExceptionFilter
VirtualQuery
LoadLibraryA
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
CreateFileA
GetConsoleMode
InterlockedDecrement
VirtualAlloc
GetStartupInfoA
IsValidCodePage
SetStdHandle
GetCurrentProcessId
RtlUnwind
VirtualFree
HeapDestroy
GetStdHandle
CompareStringA
InitializeCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
ExitProcess
CompareStringW
WriteFile
SetLastError
HeapAlloc
GetVersionExA
IsValidLocale

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223a9a0d9b2fc8fff603a91c9bea5a77

Headers

File Characteristics

Imports

shell32

wininet

user32

gdi32

comctl32

comdlg32

kernel32

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 10KB - Virtual size: 41KB

.data Size: 359KB - Virtual size: 358KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 10KB - Virtual size: 41KB

.data
Size: 359KB - Virtual size: 358KB

.rsrc
Size: 6KB - Virtual size: 5KB