15d2c9d2511fca59d238fb71f9b4bcf1_JaffaCakes118

General

Target

15d2c9d2511fca59d238fb71f9b4bcf1_JaffaCakes118
Size

560KB
MD5

15d2c9d2511fca59d238fb71f9b4bcf1
SHA1

60e7d768cb387fe91739d5434f227d396addb6f5
SHA256

97fa954b6966ba83e4d96e74c25d1e57bc080e377b4ac128725f8e1b9989da28
SHA512

a5e2d5cf51ad797ec9d564f26231fa6380cf2dea56b800d00611940db0fbad2fab4b98bb919025106b2cec39a96bac49892c5aed4c9e3cd36b9de848f4814412
SSDEEP

12288:rFRoru4XHOi5BEIhLLoprTqtMd/DeAsI8VEZ:prYMNTNpHsI88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d2c9d2511fca59d238fb71f9b4bcf1_JaffaCakes118

Files

15d2c9d2511fca59d238fb71f9b4bcf1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d0fea054cdc4bef9ad09300022876eec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrlenA
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
VirtualQuery
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo

Exports

Exports

arabececuj
avukuceba
dufubowu
fijuqunuci
gekuwerip
lejabehe
ociwucod
osohecofo
yewexayeko

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 508KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0fea054cdc4bef9ad09300022876eec

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 508KB - Virtual size: 509KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 508KB - Virtual size: 509KB

.reloc
Size: 8KB - Virtual size: 5KB