15c65e6b52cd0aeb452d842cf1371f43_JaffaCakes118

General

Target

15c65e6b52cd0aeb452d842cf1371f43_JaffaCakes118
Size

289KB
MD5

15c65e6b52cd0aeb452d842cf1371f43
SHA1

f1159ccd31ed2f7f83803de3de1366640bb79be2
SHA256

c55b9621d8e3d5fed663486305a095453b5bb6050b6c0acb729a3d2fa7ca7b89
SHA512

468e73cd481af67a3a3fa8cdd4a5220908edc385a147c9eeba6e81f032367f1640d9d2e7cfb4868afb74fd80947d022a6b6901b826113e635b3f47f6dc4460b4
SSDEEP

6144:ul9sPd4c31fCpJSu0Su182KkWEQI53qXn/NhZBOGaUgs0Qg:ul9KW003D0SznEV4/NVORDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c65e6b52cd0aeb452d842cf1371f43_JaffaCakes118

Files

15c65e6b52cd0aeb452d842cf1371f43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2cdfd2840e621cd4eff533e0eade3d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
SetThreadPriority
Sleep
GetStartupInfoA
GetModuleHandleA
GetTickCount

user32

SetDlgItemTextA
SetWindowTextA
GetWindowTextA
SendMessageA
GetDlgItem
SendDlgItemMessageA
EndDialog
DialogBoxParamA
ReleaseCapture
GetCursorPos
SetCapture
GetWindowRect
MoveWindow

gdi32

SetBkMode
CreateSolidBrush
SetTextColor

advapi32

RegDeleteKeyA

winmm

waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutGetPosition

msvcr71

free
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
_c_exit
rand
strncat
strncpy
strchr
srand
malloc
calloc
_CIpow
__p__fmode

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2cdfd2840e621cd4eff533e0eade3d7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

msvcr71

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 34KB - Virtual size: 62KB

.rsrc Size: 30KB - Virtual size: 30KB

.vmp0 Size: 205KB - Virtual size: 205KB

.reloc Size: 1024B - Virtual size: 528B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 34KB - Virtual size: 62KB

.rsrc
Size: 30KB - Virtual size: 30KB

.vmp0
Size: 205KB - Virtual size: 205KB

.reloc
Size: 1024B - Virtual size: 528B