15b2604ebdefa7a419c420dbfca876b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15b2604ebdefa7a419c420dbfca876b2_JaffaCakes118
Size

93KB
MD5

15b2604ebdefa7a419c420dbfca876b2
SHA1

58210d150b173447d792224b72f7d15f05cf0626
SHA256

3147d50823e48ff963d0ce48bf8d833c3b378412ce78a7fe58fb7c6e7ab4d1b7
SHA512

5249099be4fdd63a31c2016333a78d9473ce28927702317c1e019e702572297f77f651194e52ef183cb3e5b65d59e906052a33a52a14a3bb8736015352874663
SSDEEP

1536:ACwCBYbtRrKKDUccvawOnbNQKLjWDyy1o5RefYMJUEbooPRrKKRl1P38:VYLrpLcvYNQKPWDyDRefVJltZrpRl1Ps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b2604ebdefa7a419c420dbfca876b2_JaffaCakes118

Files

15b2604ebdefa7a419c420dbfca876b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c674f7a1d00b8541d03f00a0f1da2340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp71

?_Nomemory@std@@YAXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z

msvcr71

__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_callnewh
malloc
strcat
__CxxFrameHandler
??_V@YAXPAX@Z
strlen
strcpy
??3@YAXPAX@Z
__getmainargs
_strcmpi

kernel32

DeleteFileA
SetFileAttributesA
GetCommandLineA
MoveFileA
FindClose
FindNextFileA
CopyFileA
ResumeThread
SuspendThread
CreateThread
Sleep
GetSystemTime
WaitForSingleObject
CreateSemaphoreA
WinExec
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
GetWindowsDirectoryA
FindFirstFileA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c674f7a1d00b8541d03f00a0f1da2340

Headers

File Characteristics

Imports

msvcp71

msvcr71

kernel32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 108B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 108B

.rsrc
Size: 7KB - Virtual size: 7KB