2415c27175dc9f9cf288b90bf130ad00_JaffaCakes118

General

Target

2415c27175dc9f9cf288b90bf130ad00_JaffaCakes118
Size

251KB
MD5

2415c27175dc9f9cf288b90bf130ad00
SHA1

da0caabc2ac21968d11fe0aff4594196699a260c
SHA256

c599b28b983d96e6025c54682375e620596dee7439c002f7458a91a70707f719
SHA512

facc34666cd9318ac2c17f6d7292494db5257cd5be7c081eac5cc8e0945e50f0dcc2ae99b84aac3991c2f03c0ae8226a0a2bda9b901af34031c8e43dc021dad6
SSDEEP

6144:zz6/8OV3nQO4P5ums6WdKW/4+0lcy74rWUYL:PO4Pf3W7/4hlv8a3L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2415c27175dc9f9cf288b90bf130ad00_JaffaCakes118

Files

2415c27175dc9f9cf288b90bf130ad00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a78902de6f7d4019e34d740f7c5b677c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
WideCharToMultiByte
HeapAlloc
ExitProcess
GetModuleHandleA
lstrcatA
GetCommandLineW
GetFileType
GetLocalTime
lstrcmpiA
GetLastError
GlobalAlloc
GetModuleFileNameA
Sleep
GetLogicalDrives
GetLastError
GetOEMCP
FreeConsole
GetCommandLineW
FreeConsole
GetLogicalDrives
FreeConsole
GetCommandLineA
FreeConsole
GetFileAttributesA
FreeConsole
FreeLibrary
FreeConsole
GetModuleFileNameA
FreeConsole
GetCPInfo
FreeConsole
ExitProcess
FreeConsole
lstrcmpA
DeleteFileA
lstrcmpiA
GetModuleHandleA
ExitProcess
GetLocalTime
GetFileAttributesA
WideCharToMultiByte
GetCommandLineA
GetOEMCP
FreeLibrary
GlobalAlloc
GetFileSize
GlobalFree
GetCommandLineW
GetModuleFileNameA
lstrcatA
HeapFree

user32

DrawIconEx
GetFocus
EndDialog
GetWindowTextLengthA
DialogBoxParamA
CloseWindow
GetDC
CalcMenuBar
DrawTextA
DrawIcon
GetWindowTextA
IsMenu
CreateIcon
DrawTextW
AppendMenuA
CopyRect
AppendMenuW
GetDlgItem
EndDialog
CloseWindow
GetDC
CopyImage
AlignRects
DrawIconEx
IsMenu
LoadCursorA
DrawTextA
LoadMenuA
DialogBoxParamW
DrawIcon
CalcMenuBar
DrawTextW
CopyIcon
BlockInput

Sections

.tdxt
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.radta
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edaaa
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a78902de6f7d4019e34d740f7c5b677c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.tdxt Size: 15KB - Virtual size: 14KB

.radta Size: 219KB - Virtual size: 219KB

.edaaa Size: 4KB - Virtual size: 56KB

.iaata Size: 8KB - Virtual size: 8KB

.tdxt
Size: 15KB - Virtual size: 14KB

.radta
Size: 219KB - Virtual size: 219KB

.edaaa
Size: 4KB - Virtual size: 56KB

.iaata
Size: 8KB - Virtual size: 8KB