15d48a688a1ef4ab9dac9a11c7d7de7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15d48a688a1ef4ab9dac9a11c7d7de7a_JaffaCakes118
Size

2.0MB
MD5

15d48a688a1ef4ab9dac9a11c7d7de7a
SHA1

2c04c0eca8a401dd251d662c85a3ebe1fc17a603
SHA256

6babbf867cdac358b54255a5c49adfb4648c6400742f2e207b98b77152efa7c9
SHA512

6d30826da4667ffa2cdc8b0a0187cc3862fff7eea7666fd1c2a39c05d368721b43dd002f3a8857d9920299204cc40c54f6365ac0cbc6c7fec44e13203dd01707
SSDEEP

24576:Gepi23WOrlKdHBApHyUgaD4A5mk2DbrLxq62cckORkNMn:fpZE8pHNgaPneb3QF8oaMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d48a688a1ef4ab9dac9a11c7d7de7a_JaffaCakes118

Files

15d48a688a1ef4ab9dac9a11c7d7de7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c261979d0623d9d5245bed4e21fd0160

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\ses\x86\ship\0\opatchinst.pdb

Imports

kernel32

lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
MultiByteToWideChar
lstrlenA
GetFileSize
CreateFileA
CreateDirectoryA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetFullPathNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CopyFileA
MoveFileA
ReadFile
ExpandEnvironmentStringsA
SetEvent
CreateEventA
SetFilePointer
LockResource
LoadResource
FindResourceA
GetSystemDirectoryA
GetUserDefaultLangID
GetSystemDefaultLangID
GetVersionExA
WriteFile
GlobalFree
GlobalAlloc
CompareStringA
GetCurrentProcess
WritePrivateProfileStringA
GetWindowsDirectoryA
SetCurrentDirectoryA
CreateProcessA
GetDiskFreeSpaceExA
GetModuleFileNameA
SetLastError
WideCharToMultiByte
SetFileTime
DosDateTimeToFileTime
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetCPInfo
HeapSize
Sleep
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
GetCurrentDirectoryA
GetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LocalFree
GetFileAttributesA
LocalAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
RtlUnwind
ExitThread
GetCurrentThreadId
CreateThread
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
GetErrorInfo
VariantCopy
VariantChangeType
SysStringLen
SysFreeString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CLSIDFromProgID
CoInitialize
CoTaskMemFree
OleRun
CLSIDFromString
CoCreateInstance

user32

SetWindowLongA
SendMessageA
GetWindowLongA
DestroyWindow
PostQuitMessage
DispatchMessageA
EnableMenuItem
EnableWindow
ShowWindow
UpdateWindow
GetDlgItem
PostMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
EndDialog
IsDlgButtonChecked
DialogBoxParamA
CreateDialogParamA
ExitWindowsEx
MessageBoxA
SetWindowTextA
SystemParametersInfoA
GetSystemMenu
CharNextA
PeekMessageA

gdi32

CreateFontIndirectA

Sections

.text
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c261979d0623d9d5245bed4e21fd0160

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

oleaut32

version

ole32

user32

gdi32

Sections

.text Size: 511KB - Virtual size: 511KB

.data Size: 16KB - Virtual size: 37KB

.rsrc Size: 705KB - Virtual size: 704KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 511KB - Virtual size: 511KB

.data
Size: 16KB - Virtual size: 37KB

.rsrc
Size: 705KB - Virtual size: 704KB

.reloc
Size: 31KB - Virtual size: 31KB