15a78d9e34fdf641590035195950b89a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15a78d9e34fdf641590035195950b89a_JaffaCakes118
Size

71KB
MD5

15a78d9e34fdf641590035195950b89a
SHA1

5bc72ab888434239306693a44f3d2db317015247
SHA256

6c9d3428876c2079a0856275a1160edfc69a756ebc5ad1f5604b19f211cd78bc
SHA512

26d0542b0e551556515a8b631bf6fdb1558fb148e15156931c5ec3b835b6fb64904b63082fad2ae1479774e4067b3267ebb3b40f519c3bb01334bbd29680b362
SSDEEP

768:yLLKWXYQ/TIqBZGNe4Ka4WY+iNARZxE8t:mLKWXfTCNe4Ka4WxiN6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a78d9e34fdf641590035195950b89a_JaffaCakes118

Files

15a78d9e34fdf641590035195950b89a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f28c83d0da0f0a7fc71923012e273151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libxml2

xmlStrndup
xmlFree
xmlStrcat
xmlStrdup
xmlMemFree
xmlMemUsed
xmlMemMalloc
xmlMemRealloc
xmlMemoryStrdup
__xmlGenericErrorContext
__xmlGenericError
xmlEncodeEntitiesReentrant
xmlFreeEnumeration
xmlFreeParserCtxt
xmlFreeDoc
xmlParseDocument
inputPush
xmlNewIOInputStream
xmlFreeParserInputBuffer
xmlNewParserCtxt
xmlSchemaFreeValidCtxt
xmlSchemaValidateStream
xmlSchemaSetValidErrors
xmlSchemaNewValidCtxt
xmlParserInputBufferCreateFilename
xmlStreamPop
xmlFreeStreamCtxt
xmlStreamPush
xmlTextReaderConstLocalName
xmlTextReaderConstNamespaceUri
xmlGetNodePath
xmlPatternMatch
xmlTextReaderCurrentNode
xmlTextReaderDepth
xmlTextReaderHasValue
xmlTextReaderConstValue
xmlTextReaderConstName
xmlTextReaderIsEmptyElement
xmlTextReaderNodeType
xmlFreeTextReader
xmlTextReaderIsValid
xmlTextReaderRead
xmlTextReaderSchemaValidate
xmlTextReaderRelaxNGValidate
xmlTextReaderSetParserProp
xmlPatternGetStreamCtxt
xmlPatterncompile
xmlReaderForFile
xmlReaderWalker
xmlDocGetRootElement
xmlDebugDumpEntities
xmlSchemaValidateDoc
xmlRelaxNGFreeValidCtxt
xmlRelaxNGValidateDoc
xmlRelaxNGSetValidErrors
xmlRelaxNGNewValidCtxt
xmlSchematronFreeValidCtxt
xmlSchematronValidateDoc
xmlSchematronNewValidCtxt
xmlValidateDtd
xmlParseDTD
xmlFreeValidCtxt
xmlValidateDocument
xmlNewValidCtxt
xmlDebugDumpDocument
xmlSaveClose
xmlSaveDoc
xmlSaveToFilename
xmlSaveToFd
xmlDocDump
xmlSaveFormatFile
xmlSaveFileEnc
xmlSaveFormatFileEnc
xmlSaveFile
xmlC14NDocDumpMemory
htmlDocDump
htmlSaveFileFormat
htmlSaveFile
xmlValidGetValidElements
xmlCopyDoc
xmlShell
xmlXPathOrderDocElems
xmlXIncludeProcessFlags
xmlFreeDtd
xmlUnlinkNode
xmlGetIntSubset
xmlReadFile
xmlParseFile
xmlCtxtReadFile
xmlCtxtReadIO
xmlReadIO
xmlReadFd
xmlParseChunk
xmlCtxtUseOptions
xmlCreatePushParserCtxt
htmlReadFile
htmlFreeParserCtxt
htmlParseChunk
htmlCreatePushParserCtxt
xmlDocSetRootElement
xmlNodeSetContent
xmlNewDocNode
xmlNewDoc
xmlHasFeature
__xmlParserVersion
xmlMemoryDump
xmlCleanupParser
xmlFreePattern
xmlRelaxNGCleanupTypes
xmlSchemaFree
xmlRelaxNGFree
xmlSchematronFree
xmlSchemaFreeParserCtxt
xmlSchemaParse
xmlSchemaSetParserErrors
xmlSchemaNewParserCtxt
xmlRelaxNGFreeParserCtxt
xmlRelaxNGParse
xmlRelaxNGSetParserErrors
xmlRelaxNGNewParserCtxt
xmlSchematronFreeParserCtxt
xmlSchematronParse
xmlSchematronNewParserCtxt
__xmlDoValidityCheckingDefaultValue
xmlSubstituteEntitiesDefault
__xmlLoadExtDtdDefaultValue
xmlLineNumbersDefault
xmlGetExternalEntityLoader
__xmlTreeIndentString
xmlDeregisterNodeDefault
xmlRegisterNodeDefault
xmlSAXDefaultVersion
xmlLoadCatalogs
xmlSetCompressMode
xmlPedanticParserDefault
__xmlGetWarningsDefaultValue
__xmlParserDebugEntities
xmlAddEncodingAlias
xmlMemSetup
xmlKeepBlanksDefault
xmlSetExternalEntityLoader
xmlNoNetExternalEntityLoader
xmlCheckVersion

msvcrt

fprintf
_iob
clock
vfprintf
_snprintf
_vsnprintf
malloc
fgets
fread
fclose
printf
exit
fopen
free
getenv
sscanf
_c_exit
_exit
_XcptFilter
_cexit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_write

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f28c83d0da0f0a7fc71923012e273151

Headers

File Characteristics

Imports

libxml2

msvcrt

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 36KB - Virtual size: 35KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 36KB - Virtual size: 35KB