15eb10bbeac5035f90618c3e5b8cc9a6_JaffaCakes118

General

Target

15eb10bbeac5035f90618c3e5b8cc9a6_JaffaCakes118
Size

18KB
MD5

15eb10bbeac5035f90618c3e5b8cc9a6
SHA1

7b39713bb79ef2c316e5f89c078613a5b0260a74
SHA256

140fc8661d9680dcb1c532c2fc3d4093243a9de7371ada9371de4345261035f2
SHA512

92aa931963e8c5775f64a9022ccc5629007644d0476701550bc7491462dda788f789dfc5c55c1f2676cb0833340ae7744fce52a5bf035c4fb2a9da8a41e7099d
SSDEEP

192:3pESn3WMSN6V/YJs0nuVoeVqFo/lrhzjB+GRhlcf4vq5/rGTLakkLkCl:3pEo3WBqoFSpcGRM8TLAgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15eb10bbeac5035f90618c3e5b8cc9a6_JaffaCakes118

Files

15eb10bbeac5035f90618c3e5b8cc9a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24f428a156f7ccff1e80f610e8f68e78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetModuleHandleA
Module32Next
lstrcmpA
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetCurrentProcess
VirtualProtect
lstrcmpiA
SetLastError
FindNextFileW
WideCharToMultiByte
FindFirstFileW
FindNextFileA
FindFirstFileA
GetProcAddress
GetSystemDirectoryA
lstrcpyA
GlobalLock
GlobalAlloc
lstrlenA
Process32Next
Process32First
OpenProcess
Sleep
WriteFile
ReadFile
GetFileSize
LoadLibraryA
GetModuleFileNameA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
lstrcatA
CreateFileA
CreateFileMappingA
MapViewOfFile
ReadProcessMemory
WriteProcessMemory
UnmapViewOfFile
GlobalUnlock
CloseHandle
RtlUnwind

user32

GetClipboardData
wsprintfA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

advapi32

RegCloseKey
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegCreateKeyExA
RegEnumValueW

ws2_32

socket
inet_addr
closesocket
send
htons
connect
WSAStartup

imagehlp

ImageDirectoryEntryToData

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24f428a156f7ccff1e80f610e8f68e78

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

imagehlp

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 512B - Virtual size: 176B