15920b3013e4b132afb768420185af3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15920b3013e4b132afb768420185af3f_JaffaCakes118
Size

487KB
MD5

15920b3013e4b132afb768420185af3f
SHA1

29657dab0963b809a9e76634533b9622dd3e910e
SHA256

c9c783ecc0d3948c8dab913b90ac3d5a24d3bd1187b22ae47125af87911939a3
SHA512

16108c0855ee23aab22af1f0ef02c5629abe931eccf44f132a8afab7bbc9286d727c2c6dcce7b2abc3e352322cb47d303d647c850c7ab1e29375e28fe6c36dca
SSDEEP

6144:6HQNPs98C4RPNHq/EB0BM1zZeVSP9rvkrj73BYfvSjOSLTGEGOta6gn8oaz4ui3F:1sqPQ/WbenWv2LjRDgPbVv8pTtc9nt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15920b3013e4b132afb768420185af3f_JaffaCakes118

Files

15920b3013e4b132afb768420185af3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

141146dc405c803923d678e922b49dbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetDefaultProviderW
LookupAccountSidW
RegSaveKeyA

gdi32

CreateScalableFontResourceW
ExtFloodFill
EnumFontsW
TextOutA
GetBkColor
GetTextExtentExPointW
SetICMMode
GetEnhMetaFileA
ArcTo
ExtTextOutW
GetCharWidthW
GetOutlineTextMetricsW
GetMetaFileW
SetViewportExtEx
GetICMProfileA
PolyDraw
GetPixel
WidenPath
SaveDC
StartPage
MoveToEx

comctl32

InitCommonControlsEx

user32

RegisterClassExA
ValidateRect
RegisterClassA
SubtractRect
CharUpperBuffW

kernel32

GetOEMCP
TlsGetValue
GetModuleHandleA
VirtualQuery
InterlockedDecrement
LoadLibraryA
GetTickCount
VirtualFree
GetPrivateProfileStructW
SetUnhandledExceptionFilter
GetCPInfo
WriteConsoleA
IsDebuggerPresent
GetModuleFileNameA
HeapFree
ExitProcess
IsValidCodePage
SetEnvironmentVariableA
TerminateProcess
TlsAlloc
HeapDestroy
HeapSize
FreeLibrary
DeleteCriticalSection
GetConsoleCP
HeapReAlloc
InterlockedExchange
EnumSystemLocalesA
FindFirstFileExA
DebugBreak
WriteFile
WideCharToMultiByte
GetEnvironmentStrings
GetStdHandle
GetTimeFormatA
OpenMutexA
HeapAlloc
GetCurrentThreadId
GetLastError
GetCurrentThread
InitializeCriticalSection
GetLocaleInfoW
CreateMutexA
GetUserDefaultLCID
MultiByteToWideChar
SetLastError
EnterCriticalSection
QueryPerformanceCounter
IsValidLocale
WriteConsoleW
LeaveCriticalSection
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDateFormatA
GetACP
GetSystemTimeAsFileTime
CreateFileA
TlsSetValue
GetConsoleOutputCP
SetStdHandle
GetCurrentProcessId
VirtualAlloc
GetConsoleMode
TlsFree
GetTimeZoneInformation
GetProcAddress
SetHandleCount
GetStringTypeW
InterlockedIncrement
FlushFileBuffers
GetVersionExA
GetFileType
CompareStringW
GetStartupInfoA
GetLocaleInfoA
FreeEnvironmentStringsA
LCMapStringA
SetConsoleCtrlHandler
SetFilePointer
CompareStringA
HeapCreate
RtlUnwind
GetProcessHeap
GetCommandLineA
GetCurrentProcess
ReadFile
Sleep
GetStringTypeA
CloseHandle

wininet

ResumeSuspendedDownload
FindFirstUrlCacheEntryExA

Sections

.text
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

141146dc405c803923d678e922b49dbe

Headers

File Characteristics

Imports

advapi32

gdi32

comctl32

user32

kernel32

wininet

Sections

.text Size: 321KB - Virtual size: 321KB

.rdata Size: 49KB - Virtual size: 79KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 321KB - Virtual size: 321KB

.rdata
Size: 49KB - Virtual size: 79KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 9KB - Virtual size: 9KB