15d7ddfb1006cc955bd3dfb04a57a806_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

15d7ddfb1006cc955bd3dfb04a57a806_JaffaCakes118
Size

74KB
MD5

15d7ddfb1006cc955bd3dfb04a57a806
SHA1

66a3dc22d3b7cf40416281b7eba712b1a37d8744
SHA256

51dd3f56df192fd13e0d69ffd6d1614f51c3d89f72ba58921d9333232c666945
SHA512

0471e964b596c7c4ebfde4151c8f15ffcd5691ddbe50216da5bde51dcf99d3442d7078a6fcd45b9f18d69ed41938ccd6acf575ec5c835efd4fcc3e0fb9aae351
SSDEEP

1536:W6rdA5bUtZxub2cjBbRTQ4azCl2zJBbU3TdyclMidj2SLN:U5XyM5aWl2zJVUxyE7djfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d7ddfb1006cc955bd3dfb04a57a806_JaffaCakes118

Files

15d7ddfb1006cc955bd3dfb04a57a806_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07e0f5c1b56b0f9e15bc44c7ba66ff04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesA
OutputDebugStringW
GetPrivateProfileStructA
RtlMoveMemory
AddConsoleAliasA
HeapValidate
SetNamedPipeHandleState
VirtualAlloc
FindNextChangeNotification
WriteProfileStringA
GetCurrencyFormatW
GetComputerNameA
FlushConsoleInputBuffer
FindNextFileA
EnumResourceTypesA
GetVersionExA
GetProcessVersion
HeapUnlock
BackupWrite
WriteConsoleOutputW
RtlZeroMemory
SetEvent
GetConsoleDisplayMode
UpdateResourceA
GetVolumeInformationW
GetModuleFileNameW
FlushInstructionCache

user32

RegisterClipboardFormatA
SwitchToThisWindow
SetRectEmpty
TabbedTextOutW
IsDialogMessageW
MenuWindowProcA
SetUserObjectInformationW
GetScrollRange
ClientToScreen
GetPropW
GetAppCompatFlags
AdjustWindowRect
DlgDirListComboBoxW
RegisterLogonProcess
EnumPropsExA

gdi32

GetCurrentObject
GdiFixUpHandle
GetTextColor
ArcTo
GetPixel
GetObjectA
DeleteDC
GetEnhMetaFileA
ExtSelectClipRgn
GetTextExtentPoint32A
GetTextMetricsW
SetFontEnumeration
CreateEnhMetaFileA
GetOutlineTextMetricsW
EndDoc
PlayMetaFile
StrokePath
CreateBitmap
GdiCreateLocalEnhMetaFile
GdiIsMetaFileDC
GetICMProfileA
GetRelAbs
GetPolyFillMode
NamedEscape
GdiEntry3
StartDocW
GetGlyphOutlineA
GdiGetBatchLimit
CopyEnhMetaFileA

ole32

STGMEDIUM_UserUnmarshal
OleCreate
StgCreateDocfile
EnableHookObject
CoFreeAllLibraries
CreateILockBytesOnHGlobal
CoRevokeClassObject
HENHMETAFILE_UserSize
SetErrorInfo
HWND_UserSize
UtConvertDvtd32toDvtd16
CoReleaseServerProcess
StgIsStorageFile
OleNoteObjectVisible
CLIPFORMAT_UserSize
OleRegEnumVerbs
STGMEDIUM_UserSize
HMETAFILEPICT_UserMarshal
CoAddRefServerProcess
CreateAntiMoniker
StgOpenAsyncDocfileOnIFillLockBytes
CoSetState

oleaut32

SafeArrayGetElement
VectorFromBstr
QueryPathOfRegTypeLib
VarI4FromUI4
VarBoolFromUI2
VarR4FromCy
VarI2FromI1
RegisterActiveObject
BstrFromVector
VarR8FromDate
GetErrorInfo
VarCyFromUI1
OleTranslateColor

Sections

.text
Size: 47KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 18KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07e0f5c1b56b0f9e15bc44c7ba66ff04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 47KB - Virtual size: 104KB

.data Size: 4KB - Virtual size: 24KB

BSS Size: 18KB - Virtual size: 80KB

.idata Size: 4KB - Virtual size: 56KB

.text
Size: 47KB - Virtual size: 104KB

.data
Size: 4KB - Virtual size: 24KB

BSS
Size: 18KB - Virtual size: 80KB

.idata
Size: 4KB - Virtual size: 56KB