15d2c7b3dfc88d7f4a5d30205c6bce2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15d2c7b3dfc88d7f4a5d30205c6bce2a_JaffaCakes118
Size

160KB
MD5

15d2c7b3dfc88d7f4a5d30205c6bce2a
SHA1

d40dfd5605fec00bf1e1c67037f480608d6e6388
SHA256

98df5452df48e6f06a8171189c3d0e17952fa668bb53e029a71a3426494636d2
SHA512

b7dc2929fe5e8327241e582e64c859a6f0670e3ebc4103a73ef6cb62a21ff21594affb3f8cbec58f1328c3cdda668768f2adafa3896180e9cc05fc3f3f358a23
SSDEEP

1536:5sVs5I1U60y9IzZzb0gim1/t0kk0YBEVbs96W3q7VoagHJ:Csq1U60yOlzhptHk09Vbs97a7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d2c7b3dfc88d7f4a5d30205c6bce2a_JaffaCakes118

Files

15d2c7b3dfc88d7f4a5d30205c6bce2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

359c988a7ca0602db0e8a1b7426d0462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CloseFigure
AddFontResourceA
AddFontMemResourceEx
DeleteObject
GetPixel
ClearBrushAttributes
CancelDC
GetBitmapBits
BeginPath
ExtTextOutA
AddFontResourceTracking
GetBrushOrgEx
GetCurrentPositionEx
DeleteDC
GetPixel
SetTextColor
CloseMetaFile
AddFontResourceExA
ClearBitmapAttributes
AddFontResourceTracking
BitBlt
DeleteObject
CopyMetaFileA
GetPixel
ExcludeClipRect
CancelDC
CloseFigure
AddFontResourceA
GetClipBox
GetBitmapBits

comctl32

ImageList_DragMove
ImageList_Remove
ImageList_GetImageCount
ImageList_DragLeave
ImageList_DrawEx
ImageList_Copy
ImageList_AddIcon
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Destroy
ImageList_Draw
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_LoadImage
ImageList_DragEnter

user32

CopyIcon
LoadCursorA
CopyRect
CloseWindow
CopyImage
LoadMenuA
GetWindowTextA
AlignRects
IsMenu
GetFocus
DialogBoxParamW
InsertMenuA
GetCursor
GetDC
DialogBoxParamA
AppendMenuA
DrawIconEx
GetWindowTextLengthA
CreateIcon
DrawTextA
IsWindow
CalcMenuBar
GetMenu

advapi32

RegCreateKeyExA
RegEnumKeyExW
RegEnumValueA
RegCreateKeyExW
RegLoadKeyW
RegQueryValueW
RegEnumKeyW
RegCreateKeyW
RegQueryValueExW
RegLoadKeyA
RegDeleteValueA
RegReplaceKeyW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegDeleteValueW
RegFlushKey
RegGetKeySecurity

kernel32

DeleteFileA
OpenFileMappingA
OpenFile
Sleep
GetCPInfo
SetLastError
GetComputerNameA
GetFileTime
GetFileSize
CreateDirectoryA
ReadConsoleA
CopyFileExA
GetStdHandle
CreateProcessA
CopyFileA
GetCommandLineA
GetConsoleMode

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

359c988a7ca0602db0e8a1b7426d0462

Headers

File Characteristics

Imports

gdi32

comctl32

user32

advapi32

kernel32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 88KB - Virtual size: 3.7MB

.tls Size: 4KB - Virtual size: 154B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 88KB - Virtual size: 3.7MB

.tls
Size: 4KB - Virtual size: 154B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 19KB