bc44a5aff486cc7f89e78ff6db9a0100_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc44a5aff486cc7f89e78ff6db9a0100_JaffaCakes118
Size

409KB
MD5

bc44a5aff486cc7f89e78ff6db9a0100
SHA1

326ac85bf8e644da6764777bdcd00e11f8af1793
SHA256

08ec0a4c3eed6f060e7d255bd0f4c808bb7b04d2c271116e3be156d0dc22a0aa
SHA512

01c65c98658bdb0a2200cd78da27d707e4a0161418c9125dc3397c01808ec7a8cdb28151711a730b30b1d1309449ab0ca122b835171b592982a62ae7162dbdb1
SSDEEP

6144:qkUjKEhBNmEleCOFYVZgdzkPD0pFYWYZTpO8iLnIZs1S1WbOQPc4W96SxBLd7S:qkUWgVeVhpFYWWDiLnIZsg4y96Sjx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc44a5aff486cc7f89e78ff6db9a0100_JaffaCakes118

Files

bc44a5aff486cc7f89e78ff6db9a0100_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ffc02a593ec0d4df6666779623dd2a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetDial
InternetOpenA
FtpGetCurrentDirectoryA

shell32

SheChangeDirA
InternalExtractIconListW
ShellExecuteW
ExtractIconExA

comdlg32

ChooseColorW
PrintDlgW
FindTextW
PageSetupDlgA

user32

GetKBCodePage
LoadIconW
AdjustWindowRect
BeginPaint
LoadCursorFromFileA

kernel32

IsValidCodePage
HeapFree
TlsAlloc
EnterCriticalSection
UnhandledExceptionFilter
GetCurrentThread
HeapCreate
SetFileAttributesW
FreeLibraryAndExitThread
GetLastError
GetStdHandle
GetCPInfo
InterlockedExchange
GetCurrentProcess
SetHandleCount
GetStringTypeW
GetCurrentProcessId
HeapDestroy
TlsFree
IsValidLocale
VirtualQuery
GetLocaleInfoW
VirtualProtect
DeleteCriticalSection
WriteConsoleOutputCharacterA
IsBadWritePtr
GetACP
GetOEMCP
LoadLibraryA
RtlUnwind
TerminateProcess
FreeEnvironmentStringsA
GetTimeFormatA
MoveFileExA
WriteConsoleInputA
GetVersionExA
LeaveCriticalSection
ExitProcess
HeapAlloc
GetEnvironmentStrings
GetCommandLineA
HeapReAlloc
SetEnvironmentVariableA
TlsGetValue
GetLocaleInfoA
GetSystemTimeAsFileTime
SetLastError
MultiByteToWideChar
GetTimeZoneInformation
GetCurrentThreadId
CreateFileMappingA
CreateThread
LCMapStringW
WideCharToMultiByte
GetFileType
GetDateFormatA
GetProcAddress
CompareStringA
GetTickCount
FreeEnvironmentStringsW
QueryPerformanceCounter
HeapSize
GetSystemInfo
TlsSetValue
GetModuleHandleA
GetThreadTimes
EnumSystemLocalesA
VirtualAlloc
GetStartupInfoA
CompareStringW
VirtualFree
GetModuleFileNameA
SetConsoleCtrlHandler
GetStringTypeA
GetEnvironmentStringsW
SetConsoleMode
LCMapStringA
GetUserDefaultLCID
WriteFile
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ffc02a593ec0d4df6666779623dd2a8

Headers

File Characteristics

Imports

wininet

shell32

comdlg32

user32

kernel32

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 7KB - Virtual size: 22KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 7KB - Virtual size: 22KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 6KB - Virtual size: 5KB