15c54517bdda07327709abbca73ee4a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15c54517bdda07327709abbca73ee4a1_JaffaCakes118
Size

568KB
MD5

15c54517bdda07327709abbca73ee4a1
SHA1

9e4ef4d636ba09732e73b77d59c11d681cddcb2c
SHA256

110bc059bfb9c2374ff562f4db8429d763380e21009732ed7332ecc61378d0e1
SHA512

ec8ec23e71d67e7b393c6444bb7cf3aa4da1718f711c6317cb4e16a7831a5775bbd626e0f25e0f69f22fde865174aaf9aedfed029455aaf88869f9ba83075a71
SSDEEP

12288:LPxQZ69Nm1A/EbZlRydkJYnQdf4FETjY:L5c6qgARyiJY8AFE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c54517bdda07327709abbca73ee4a1_JaffaCakes118

Files

15c54517bdda07327709abbca73ee4a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

948f19284722568211e01e54eb31b802

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\atsog

Imports

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetImageInfo
CreateToolbar
ImageList_LoadImage
ImageList_Replace
ImageList_SetFilter
CreatePropertySheetPage
ImageList_EndDrag
GetEffectiveClientRect
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_GetImageRect
InitCommonControlsEx
DrawStatusTextA
CreateStatusWindowW
ImageList_DragShowNolock
ImageList_Merge
ImageList_GetIconSize
ImageList_Duplicate
ImageList_Add
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetImageCount
ImageList_SetBkColor

kernel32

lstrlenA
MultiByteToWideChar
SetConsoleCursorInfo
CompareStringW
GetModuleHandleW
ExpandEnvironmentStringsW
LoadLibraryA
GetCurrentThread
VirtualFree
TlsAlloc
GetLastError
GetEnvironmentStringsW
SetLastError
FreeEnvironmentStringsA
WriteFile
GetCurrentProcess
FlushFileBuffers
HeapDestroy
QueryPerformanceCounter
OutputDebugStringA
GetStringTypeW
SetHandleCount
GlobalFindAtomW
ReadConsoleW
CloseHandle
GetConsoleCP
GetTimeFormatA
LocalReAlloc
TerminateProcess
HeapAlloc
EnumCalendarInfoA
FreeEnvironmentStringsW
lstrcmpi
GetConsoleOutputCP
TlsGetValue
InitializeCriticalSectionAndSpinCount
LCMapStringW
FlushInstructionCache
UnlockFileEx
OpenMutexW
GetLocalTime
CreateMutexA
GetVolumeInformationW
GetAtomNameA
WriteConsoleW
GetWindowsDirectoryW
ContinueDebugEvent
CreateDirectoryExA
OpenMutexA
AddAtomW
GetPrivateProfileStringW
TlsSetValue
IsDebuggerPresent
HeapSize
GetCommandLineA
RtlUnwind
GetExitCodeProcess
GetCurrentThreadId
lstrcmpiA
HeapLock
EnumTimeFormatsA
SetConsoleCursorPosition
VirtualAlloc
GetVersionExW
DeleteFileW
EnumSystemLocalesA
FindFirstFileExA
ReadFile
GetUserDefaultLCID
AddAtomA
SetFilePointer
GetStartupInfoA
GetStringTypeExW
WriteConsoleA
GetPrivateProfileIntW
VirtualQuery
PulseEvent
GetNumberFormatA
LocalFileTimeToFileTime
IsValidCodePage
VirtualLock
SetCurrentDirectoryW
ExitProcess
GetSystemTimeAsFileTime
CreateFileW
GetOEMCP
WideCharToMultiByte
UnhandledExceptionFilter
SetEnvironmentVariableW
InterlockedDecrement
GetPrivateProfileStructW
SetConsoleCtrlHandler
GetEnvironmentStrings
FoldStringA
HeapFree
GetWindowsDirectoryA
IsValidLocale
InterlockedExchange
GetCurrentDirectoryA
CreateToolhelp32Snapshot
GetCurrentProcessId
HeapReAlloc
GetTimeZoneInformation
GetACP
GetModuleFileNameA
GetStringTypeA
LeaveCriticalSection
FindNextFileA
CompareStringA
MapViewOfFile
GetPrivateProfileSectionNamesW
GetStdHandle
GetFileType
GetConsoleScreenBufferInfo
DeleteCriticalSection
GetLocaleInfoA
GetTickCount
SetStdHandle
ConvertDefaultLocale
EnterCriticalSection
LocalAlloc
HeapCreate
OpenSemaphoreA
GetLocaleInfoW
VirtualUnlock
TlsFree
GetDateFormatA
GetCPInfo
SetUnhandledExceptionFilter
GetLogicalDriveStringsW
FreeLibrary
GetConsoleMode
InterlockedIncrement
GetModuleHandleA
LCMapStringA
GlobalFindAtomA
MoveFileW
SetEnvironmentVariableA
Sleep
SetComputerNameW
ResumeThread
GetModuleFileNameW
FindFirstFileW
GetProcAddress
GetEnvironmentVariableA
CreateFileA

user32

LoadImageA
IsCharLowerA
IsDialogMessageA
CharToOemW
DispatchMessageA
DefDlgProcA
SendMessageTimeoutW
DialogBoxIndirectParamA
GetWindowTextLengthW
EnumDesktopsW
ChangeDisplaySettingsA
ImpersonateDdeClientWindow
CountClipboardFormats
MenuItemFromPoint
GetPriorityClipboardFormat
GetWindowTextLengthA
CloseWindowStation
OpenIcon
UnhookWinEvent
IntersectRect
RegisterClassA
CharToOemA
GetMessageA
IsChild
GetListBoxInfo
AttachThreadInput
LoadCursorW
IsWindowVisible
GetMessageTime
GetClassWord
GetClassNameW
SetKeyboardState
GetKBCodePage
ShowCursor
IsClipboardFormatAvailable
RegisterClassExA

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

948f19284722568211e01e54eb31b802

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 112KB - Virtual size: 126KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 112KB - Virtual size: 126KB

.rsrc
Size: 20KB - Virtual size: 16KB