15b8079bf65a6ed1bc21afd176121ec3_JaffaCakes118

General

Target

15b8079bf65a6ed1bc21afd176121ec3_JaffaCakes118
Size

660KB
MD5

15b8079bf65a6ed1bc21afd176121ec3
SHA1

9aad944098da35803b4a9cdb77baa66c4d65f2d5
SHA256

d7a7fac05b57aa92dcb2efec747e663cc9f28aab5012ea870516f8850ca99122
SHA512

d6235b1111285e6d5fa87dc5073d9de049c6f4a0612e676d33fa8256715099fb733ad378cc57a1783fac9ea0b92edd62f1c4188c19421c3f8391c5252eeac49d
SSDEEP

12288:QKhsAgT+myrT+qwsvgc3bLywTtPs/0EpNPpqDZgZh4zLhZaITMeKP2y2:QKhwidTxSOtE/0MwSkHhZaITMeKP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b8079bf65a6ed1bc21afd176121ec3_JaffaCakes118

Files

15b8079bf65a6ed1bc21afd176121ec3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9f8d28e38cc3abeaed4042670775422

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetVersion
GetTickCount
Sleep
CreateEventA
HeapCreate
CreateEventW
TerminateProcess
GetModuleHandleW
GetACP
CloseHandle
SetUnhandledExceptionFilter
InterlockedExchange
SetFilePointer
MapViewOfFile
CreateMutexA
GetProcessHeap
GetProcAddress
SetErrorMode
LocalAlloc
GetLocaleInfoA
DeleteCriticalSection
GetThreadLocale
HeapAlloc
FreeLibrary
SetHandleCount
HeapFree
GetLastError
VirtualAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9f8d28e38cc3abeaed4042670775422

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 596KB - Virtual size: 595KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 596KB - Virtual size: 595KB

.rsrc
Size: 8KB - Virtual size: 5KB