b15c6a9cb18ae96829b55d9764b75efe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b15c6a9cb18ae96829b55d9764b75efe_JaffaCakes118
Size

474KB
MD5

b15c6a9cb18ae96829b55d9764b75efe
SHA1

52168aa13b4379635890ebd248a808854cf475ff
SHA256

dabd6751764bfa28f3cb5daaf55e8b1a4f06fd133eea88f39439d2db88a32db6
SHA512

4617047dcfca63a4838842f94211b540d5b3d074c99263a8de8157aac14d87144f6e017c4aadbdd179a6c6f2e4b836c8330b6f24ad62722cfd93e7cb8c61a693
SSDEEP

12288:C+e4N8Gs0lwpBkhbxCxxW3FEr+VJNa46vU0:C+eu8Sw/kNxCxxW3+rSa46s0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b15c6a9cb18ae96829b55d9764b75efe_JaffaCakes118

Files

b15c6a9cb18ae96829b55d9764b75efe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67ff482ddf74af86cbc1064e957f14fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CompareStringA
CompareStringW
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceExA
FormatMessageA
FreeLibrary
FreeResource
GetCPInfo
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetExitCodeProcess
GetFileAttributesA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadLocale
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MoveFileExA
MultiByteToWideChar
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetEndOfFile
SetEvent
SetFilePointer
SetLastError
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeTypeEx
VariantClear
VariantCopy
VariantInit

user32

CharLowerA
CharLowerBuffA
CharLowerBuffW
CharUpperA
CharUpperBuffA
CharUpperBuffW
GetSystemMetrics
MessageBeep
MessageBoxA

Sections

.text
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67ff482ddf74af86cbc1064e957f14fd

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 395KB - Virtual size: 395KB

.data Size: 72KB - Virtual size: 72KB

.bss Size: - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 708B

.text
Size: 395KB - Virtual size: 395KB

.data
Size: 72KB - Virtual size: 72KB

.bss
Size: - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 708B