15e7e2d4d0fc44d1cbde0e3accc49d1b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

15e7e2d4d0fc44d1cbde0e3accc49d1b_JaffaCakes118
Size

64KB
MD5

15e7e2d4d0fc44d1cbde0e3accc49d1b
SHA1

0280e2559c5cfeb0da64363dfba3281a7699d16e
SHA256

52d1619c46013ce8c2b342da2fbdabd25df6374d294c267d32cb39de53bce018
SHA512

905720ac7c09c14b4a1c38a18ea452b1843317a8a9df82c81146365a0a3dd7a3a2218dee7a6f1367e0bc40230b25438a02d99e621c54ce21094fc77b4a546e4e
SSDEEP

768:8WF1CdV0lPraAGWWi7dPkF1notOol02QjNeQKoYKZyLOQ:cdVSj9PkF1notOb2noYWyi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e7e2d4d0fc44d1cbde0e3accc49d1b_JaffaCakes118

Files

15e7e2d4d0fc44d1cbde0e3accc49d1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

506cef0c9814e32789030208eddbf2d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetCurrentProcess
ReadFile
PeekNamedPipe
WinExec
SetCurrentDirectoryA
GetCurrentDirectoryA
GetComputerNameA
WriteFile
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GlobalMemoryStatus
GetTempPathA
GetSystemDirectoryA
GetVersionExA
Process32Next
Module32First
GetPriorityClass
OpenProcess
CreateProcessA
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
DeviceIoControl
CreateEventA
GetCurrentProcessId
FindNextFileA
FindFirstFileA
LCMapStringA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
ExitThread
CreatePipe
CreateThread
GetLastError
TerminateThread
WaitForMultipleObjects
TerminateProcess
DisconnectNamedPipe
CloseHandle
lstrlenA
GetWindowsDirectoryA
GetTickCount
Sleep
lstrcpyA
Process32First
GetCPInfo
WaitForSingleObject
GetExitCodeProcess
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
HeapFree
HeapAlloc
GetLocalTime
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetFileAttributesA
UnhandledExceptionFilter
GetModuleFileNameA
LCMapStringW

user32

EnumDisplaySettingsA
MessageBoxA
ExitWindowsEx
FindWindowA
SystemParametersInfoA
ClipCursor
ShowWindow

advapi32

StartServiceCtrlDispatcherA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
OpenSCManagerA
OpenServiceA
CreateServiceA
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
QueryServiceStatus
CloseServiceHandle

shell32

SHFileOperationA

ws2_32.dll

ord1
ord2
ord21
ord9
ord23
ord115
ord3
ord16
ord19
ord15
ord13

winmm

mciSendStringA
PlaySoundA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcdat
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

506cef0c9814e32789030208eddbf2d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32.dll

winmm

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 38KB

.rcdat Size: 128B - Virtual size: 128B

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 38KB

.rcdat
Size: 128B - Virtual size: 128B