15438d011814cc89048419f6f3e245e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15438d011814cc89048419f6f3e245e7_JaffaCakes118
Size

136KB
MD5

15438d011814cc89048419f6f3e245e7
SHA1

0d78f2ace1c86bc95698e3eee4466b3015a5f501
SHA256

dac45b7a466d46283a6af11cfd7de06e64eb20f1be30ad73f4316dfc0eef4084
SHA512

f85293c44f62930d3a7902c87d0477409e2f43936c6a4d2cf1afe5e35653248ba56df810c364a7f7ab62340c7475be7cc469f52afa0c33a432cae0ef42d9c2c3
SSDEEP

3072:BO19aCrPXvNR51UxxIlrtkQQtm2lsnkj+o3wPYGP8x6CCDNzRnqFg2:BsFbWIdam2lskjBGP80XD1Rnmg2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15438d011814cc89048419f6f3e245e7_JaffaCakes118

Files

15438d011814cc89048419f6f3e245e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c95ed946c16c79821c1297fe8ad26d03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
ReadFile
UnmapViewOfFile
GlobalGetAtomNameA
IsBadReadPtr
SetHandleCount
LeaveCriticalSection
HeapReAlloc
IsDBCSLeadByteEx
SetCommState
VirtualProtect
lstrcpyW

gdi32

SetBrushOrgEx
GetTextAlign
CreateRectRgnIndirect
RemoveFontResourceW
StartPage
GetTextExtentExPointW
GetBitmapBits
FillRgn

comctl32

ImageList_Destroy
ImageList_Remove
ImageList_Read
CreatePropertySheetPageW

comdlg32

ReplaceTextW
GetOpenFileNameW
ChooseColorW
FindTextW

shlwapi

StrToIntA
StrCSpnIA

user32

CharNextA
MessageBoxExW
GetDC
UnionRect
GetClipCursor
ShowScrollBar
AdjustWindowRectEx
MapDialogRect
GetListBoxInfo
RegisterClassA
IsCharLowerA
ShowWindow
CopyRect

Exports

Exports

?_CancelDC@@YGKKK@Z

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 205KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MEMORY
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EXPORT
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c95ed946c16c79821c1297fe8ad26d03

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

comdlg32

shlwapi

user32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

RDATA Size: 2KB - Virtual size: 2KB

BSS Size: - Virtual size: 205KB

MEMORY Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 2KB

.itext Size: 2KB - Virtual size: 1KB

EXPORT Size: 1024B - Virtual size: 594B

.rsrc Size: 88KB - Virtual size: 88KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 27KB - Virtual size: 27KB

RDATA
Size: 2KB - Virtual size: 2KB

BSS
Size: - Virtual size: 205KB

MEMORY
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 2KB

.itext
Size: 2KB - Virtual size: 1KB

EXPORT
Size: 1024B - Virtual size: 594B

.rsrc
Size: 88KB - Virtual size: 88KB

.reloc
Size: 5KB - Virtual size: 5KB