Static task: static1
Behavioral task: behavioral1
  Sample: bcb467db0fb809636361848e6ab73200_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: bcb467db0fb809636361848e6ab73200_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: bcb467db0fb809636361848e6ab73200_JaffaCakes118
Size: 502KB
MD5: bcb467db0fb809636361848e6ab73200
SHA1: a9c81546f1a3299008582ae35dbaa6ba68ff1396
SHA256: b9e0e7e76a6a2d2230d475b673cc1520e111a10ab908cae2dfd332c4f3dcc463
SHA512: 4d5e91d89f5111844fcfa302a1bcb88626fbb12da8a1ca273c200006ecf269ddbe4fe48d93ee7a71d216ca3e3e47c16fe8fef4d9da88cc86685d70a6debe3871
SSDEEP: 12288:mGjbAkHXOqhXMW0Db00JA3vk86/ORXtXlmh2JHRK6n:mGjcsXOMX/0Dg0q3vkhORXJlmh2zK6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bcb467db0fb809636361848e6ab73200_JaffaCakes118
Files
bcb467db0fb809636361848e6ab73200_JaffaCakes118.exe windows:4 windows x86 arch:x86
07660bd358a08cb5eee87774d087dbef
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStringsW
InterlockedExchange
LoadLibraryA
InterlockedDecrement
GetCurrentThreadId
FreeEnvironmentStringsW
GetStdHandle
GetTimeZoneInformation
FlushFileBuffers
IsBadReadPtr
GetTickCount
SetLastError
GetVersion
SetEnvironmentVariableA
GetTimeFormatW
TerminateProcess
SetConsoleCtrlHandler
GetCurrentThread
lstrcpynW
GetSystemTime
TlsSetValue
QueryPerformanceCounter
SetFilePointer
GetModuleHandleA
CompareStringA
HeapAlloc
SetLocaleInfoW
InitializeCriticalSection
OpenMutexA
MultiByteToWideChar
GetModuleFileNameA
LeaveCriticalSection
GetThreadPriority
VirtualFree
DeleteCriticalSection
TlsAlloc
WideCharToMultiByte
HeapFree
OutputDebugStringA
LCMapStringA
GetFileType
EnterCriticalSection
ExitProcess
SetConsoleTextAttribute
GetStringTypeW
TlsFree
VirtualQuery
RtlUnwind
HeapDestroy
GetACP
VirtualProtectEx
GetEnvironmentStrings
FreeEnvironmentStringsA
DebugBreak
GetCPInfo
GetStringTypeA
GetCurrentProcessId
SetHandleCount
GetSystemTimeAsFileTime
AllocConsole
LCMapStringW
UnhandledExceptionFilter
GetOEMCP
CompareStringW
TlsGetValue
CreateMutexA
GetProcAddress
GetCommandLineA
VirtualAlloc
ReadFile
SetStdHandle
GetCurrentProcess
WriteFile
GetLocalTime
HeapCreate
InterlockedIncrement
GetLastError
IsBadWritePtr
GetThreadLocale
CloseHandle
HeapReAlloc
HeapValidate
GetStartupInfoA
user32
DrawStateA
SetRect
CallWindowProcW
RegisterClassExA
OemToCharW
DdeConnectList
DestroyCursor
SetUserObjectSecurity
CopyIcon
BlockInput
RegisterClassA
ExitWindowsEx
BeginPaint
ShowCaret
SetSystemCursor
GetWindowPlacement
DrawTextW
GetInputState
EnableScrollBar
DrawEdge
wininet
InternetReadFileExW
SetUrlCacheEntryGroupA
InternetCrackUrlW
SetUrlCacheConfigInfoA
comctl32
InitCommonControlsEx
advapi32
RegQueryValueExW
InitializeSecurityDescriptor
CryptHashData
GetUserNameA
RegQueryValueExA
RegEnumKeyA
comdlg32
ChooseFontW
FindTextW
Sections
.text Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 313KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ