15360e6fc9111c60143b893cb9446d51_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15360e6fc9111c60143b893cb9446d51_JaffaCakes118
Size

150KB
MD5

15360e6fc9111c60143b893cb9446d51
SHA1

50c2f60957c6804bd25d02b4e071d8abc71717bb
SHA256

5123f6222a156b1622267ebe977e8ad69d8ee77d70bfd2d0437addc9ff92bfcb
SHA512

bccdd5fb1077199e91666794d6e0908c27dd5ea145afbe12ea52571cd302ceabf62a9062f5ba584d92ad9c1f7ce22c3a339f663e6897c5a2e0968715d965e96f
SSDEEP

3072:uHQfWq8GNVOutfucznLcnSTL0wtCoiBdOJP6H72g0dB:+pcNtlLvWdmP6bw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15360e6fc9111c60143b893cb9446d51_JaffaCakes118

Files

15360e6fc9111c60143b893cb9446d51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

947b8506ec80b4afb7b7b7b2197b3f44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFileTime
FileTimeToLocalFileTime
lstrcpynA
GetStartupInfoA
GetOEMCP
EnumCalendarInfoA
GetSystemDefaultLCID
VirtualProtect
GetModuleHandleA
GetLocaleInfoA
GetTempPathW

msvcrt

putchar
_wcsnicmp
__p__environ
__set_app_type
__p__fmode
_except_handler3
ctime
_errno
__getmainargs
__setusermatherr
_acmdln
log10
__initenv
time
_initterm
__p__commode
_XcptFilter
sqrt
strchr
exit
_controlfp
_adjust_fdiv

gdi32

CreateCompatibleBitmap
StretchDIBits
GetTextAlign
BitBlt
PolyDraw
ExtSelectClipRgn
CreateBitmap
SetBkColor
SetWindowOrgEx
RectInRegion
DeleteMetaFile

advapi32

RegSetValueExA
ControlService
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExA
RegEnumKeyExA
LookupPrivilegeValueA

comctl32

ImageList_ReplaceIcon
ImageList_Remove
DestroyPropertySheetPage
ImageList_Create
CreateToolbarEx
ImageList_LoadImageA
ImageList_SetDragCursorImage

ole32

CoReleaseMarshalData
StgOpenStorage
CoCreateGuid
RegisterDragDrop
CoSetProxyBlanket
CreateStreamOnHGlobal
StringFromCLSID
OleIsCurrentClipboard

shell32

ExtractIconW
SHGetDesktopFolder
SHBindToParent
ShellExecuteA
DragQueryFile
SHChangeNotify
SHGetPathFromIDList
SHCreateDirectoryExW
SHGetFolderPathW
Shell_NotifyIconW
SHAppBarMessage
ShellExecuteExW
ExtractIconExA
SHGetDiskFreeSpaceExW
ShellExecuteW
SHFileOperationA

user32

ScreenToClient
ShowWindow
SetWindowPos
GetCursorPos
CreateMenu
IsRectEmpty
OpenClipboard

oleaut32

SysAllocStringByteLen
VariantClear
SysAllocStringLen
VariantInit
SafeArrayGetElement
SafeArrayUnaccessData
SysStringByteLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound

version

VerInstallFileA
VerQueryValueA
VerInstallFileW
GetFileVersionInfoSizeA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ezocbgf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

947b8506ec80b4afb7b7b7b2197b3f44

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

advapi32

comctl32

ole32

shell32

user32

oleaut32

version

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 112KB - Virtual size: 140KB

ezocbgf Size: - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 112KB - Virtual size: 140KB

ezocbgf
Size: - Virtual size: 4KB