bcc6232f99cf30ec16c09a6fe618bfa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bcc6232f99cf30ec16c09a6fe618bfa2_JaffaCakes118
Size

163KB
MD5

bcc6232f99cf30ec16c09a6fe618bfa2
SHA1

efaaa2a853468fd768bd689f28cea9551c57b63d
SHA256

d30359055ed999a980c049e0ca24b3dcd461e63922e0ae989ab890f23dacac78
SHA512

aabe122ede7ef053c58818afd092c3ff98a0f6f88703040fe980ae2ce12305cdbba0fab714cc173ae526c1b983e5cf4367a6e6497f8b683d61e166863524a550
SSDEEP

3072:b36wurtWBftlQxhjBWGfKjWnze9a9ZU4hekJLdpu8li1m8FDTPMMfW04t:Ov6HQzBWZjckasorxdpkTDoU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc6232f99cf30ec16c09a6fe618bfa2_JaffaCakes118

Files

bcc6232f99cf30ec16c09a6fe618bfa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eaaef0f46be62498bb7e3b3d5107f00e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA

kernel32

GetVersionExA
WideCharToMultiByte
GetCurrentProcessId
GetACP
GetSystemInfo
InterlockedIncrement
GetCurrentProcess
lstrcpynA
FlushFileBuffers
LoadLibraryExA
TlsSetValue
TlsGetValue
RtlUnwind
SetHandleInformation
LoadLibraryA
UnhandledExceptionFilter
lstrlenA
SetUnhandledExceptionFilter
LockResource
LeaveCriticalSection
lstrcmpiA
TransmitCommChar
GetProcAddress
GetFileType
InterlockedDecrement
GetSystemTimeAsFileTime
WriteFile
DisableThreadLibraryCalls
SetHandleCount
IsBadReadPtr
FlushInstructionCache
HeapSize
HeapAlloc
SetLastError
HeapCreate
FreeLibrary
GetEnvironmentStrings
DeleteCriticalSection
GetCPInfo
GetModuleHandleA
GetProcessHeap
EnterCriticalSection
VirtualFree
GetStdHandle
EnumResourceNamesW
MulDiv
InitializeCriticalSection
HeapReAlloc
VirtualProtect
GetLocaleInfoA
CloseHandle
GetStringTypeA
lstrcpyA
ExitProcess
QueryPerformanceCounter
VirtualQuery
ExitProcess
LCMapStringW
LoadResource
RaiseException
GetLastError
GetStartupInfoA
GetThreadLocale
TlsAlloc
IsBadCodePtr
lstrlenW
IsDBCSLeadByte
lstrcatA
InterlockedExchange
GetTickCount
SetFilePointer
TerminateProcess
TlsFree
FreeEnvironmentStringsA
SetStdHandle
FindResourceA
GetStringTypeW
FreeEnvironmentStringsW
LCMapStringA
GetOEMCP
IsBadWritePtr
HeapDestroy
GetModuleFileNameA
MultiByteToWideChar
GetEnvironmentStringsW
SizeofResource
GetCurrentThreadId
GetCommandLineA
VirtualAlloc
HeapFree

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

shlwapi

PathFindExtensionA

user32

GetDialogBaseUnits
CheckDlgButton
MoveWindow
ReleaseDC
SendMessageA
EnableWindow
SetDlgItemTextA
UnregisterClassA
GetDC
IsWindow
ShowWindow
GetDlgItemTextA
IsDialogMessageA
WinHelpA
IsDlgButtonChecked
DestroyWindow
CreateDialogParamA
GetDlgItem
SetWindowLongA
CharNextA

gdi32

DeleteObject
GetDeviceCaps
GetTextMetricsA
GetTextExtentPointA
SelectObject
CreateFontIndirectA

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaaef0f46be62498bb7e3b3d5107f00e

Headers

File Characteristics

Imports

msimg32

advapi32

kernel32

ole32

shlwapi

user32

gdi32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 72KB