15545e425a0e96179468deec3e860941_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

15545e425a0e96179468deec3e860941_JaffaCakes118
Size

24KB
MD5

15545e425a0e96179468deec3e860941
SHA1

6950bb26a95cc1aa493292f169cd9418b92933d7
SHA256

2373772c53c3eaae244a3e82bd180a2845444acd8dde2d2430b70425c50c280c
SHA512

afaee40efa645d2a8201cac8f51d41565f3a874bfac12573347cfaf0ccd28430b35f77d5f88134ad1c8f1cf2538a028ea4f8f7339a1e073819353eebbc773e32
SSDEEP

384:2vX0FOHUyhSHKvcAmBtKyk9kw+CBY4TmoNLkrnYh8TPFtoVEnnH81AvK:CXzX5vzmBLtOnNwrnuCPFuVEc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15545e425a0e96179468deec3e860941_JaffaCakes118

Files

15545e425a0e96179468deec3e860941_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1b66e9a2af51f93694b216a347e90f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
GetModuleFileNameA
lstrcatA
WaitForSingleObject
CloseHandle
DeleteFileA
ExitThread
TerminateThread
GetTickCount
GetModuleHandleA
WaitForMultipleObjects
ResetEvent
lstrcmpA
CompareStringA
Process32First
WriteFileEx
WaitForSingleObjectEx
LoadResource
FindResourceA
GetModuleHandleW
GetProcAddress
SetFileAttributesW
lstrlenA
MultiByteToWideChar
Sleep
CreateFileA
lstrcpyA
CreateThread
GetLastError
CreateProcessA
CreateEventA
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
GetCommandLineA
SetEvent

user32

SetWindowTextA
ReleaseDC
PostQuitMessage
TranslateMessage
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
RegisterClassA
CreateWindowExW
DefWindowProcA
wsprintfA
CreateWindowExA
DestroyWindow
MessageBoxA
LoadIconA
FindWindowA
wsprintfW
ShowWindow

advapi32

RegCreateKeyA
RegSetValueExW
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegNotifyChangeKeyValue

shell32

SHGetFolderPathA
Shell_NotifyIconA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

wininet

InternetGetConnectedState

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1b66e9a2af51f93694b216a347e90f0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 7KB