bfacc2ba5a37100d03fb301a77fc1d4a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bfacc2ba5a37100d03fb301a77fc1d4a_JaffaCakes118
Size

213KB
MD5

bfacc2ba5a37100d03fb301a77fc1d4a
SHA1

4738c51940dad51cd274e74db17aa8e7afbd9797
SHA256

6c7acdf0239c50ecd34d91786bb842a5266127f161bff1789e6a85e21e50a47a
SHA512

6cc34ad1a093661432ab86ff5367e78f70678a2e756d0fb71e407d0ab18a1a57034812eee46ca35c26bdc27f616079ef3c247eb65fce0ef56d8cf1d19f884f3e
SSDEEP

6144:JQUBKVYEfhXFjkvyW/50+MosE6K/H0D8ICV1ZAGD6+7:JQSevFxqyWh0o6KsDrpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Linux.Chapros.A/the_zeus_binary_chapros

Files

bfacc2ba5a37100d03fb301a77fc1d4a_JaffaCakes118
.zip

Password: infected
Linux.Chapros.A/linux-chapros_ E022DE72CCE8129BD5AC8A0675996318
.elf linux x64
Linux.Chapros.A/the_injected_iFrame_java-cve-2012-1723
.zip
LxEt.class
OTF.class
SMo.pnk
WBaVnvvGXb.class
WUVtBsKuiR.class
XcUvIh.class
XkvmN.class
hPCiAAhKF.class
iuJ.class
jBQ.class
mnXh.class
wqLdEn.class
wtNodN.class
Linux.Chapros.A/the_zeus_binary_chapros
.exe windows:5 windows x86 arch:x86

68f24b9125068c7f6c9d08a606f28a36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
CommDlgExtendedError
ReplaceTextW
GetOpenFileNameW
PrintDlgExW
FindTextW
PageSetupDlgW
GetFileTitleW
ChooseFontW

kernel32

GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
EncodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
HeapFree
GetFileAttributesA
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
RtlUnwind
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CompareStringW
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
CreateFileW
ReadConsoleInputA
SetConsoleMode

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

68f24b9125068c7f6c9d08a606f28a36

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 148KB - Virtual size: 147KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 148KB - Virtual size: 147KB