15b5558c2b5d919125bbdff03089658c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15b5558c2b5d919125bbdff03089658c_JaffaCakes118
Size

184KB
MD5

15b5558c2b5d919125bbdff03089658c
SHA1

6d5c81211ab6790d969d28d2a2ffd61b5e604899
SHA256

62c6e48bde87c2633424f1d8e92fad3a2afaa31df9724fd0200595e70aa5a4d7
SHA512

be95bb845fac1b1303d59403d62e106a145b6bd2ebeb31272ba66baa4915d84e6cdceaa18cc0f7494424acff0a391ace65d68a72ce4be417c0c434e8bad40de4
SSDEEP

3072:Jjig0wj1qGyJi8CbEwJNxNXyv8QD5cEXQozr53ylI:Jjig0q1iCbnJbeVdN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b5558c2b5d919125bbdff03089658c_JaffaCakes118

Files

15b5558c2b5d919125bbdff03089658c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df028fb03b8704324058e3fc36b87df7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
LocalReAlloc
GetOEMCP
SetErrorMode
TlsSetValue
GetProcessVersion
GetCPInfo
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
SetStdHandle
RtlUnwind
RaiseException
GetTimeZoneInformation
GetStartupInfoA
GetFileType
GetACP
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetSystemTime
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
TlsFree
GlobalReAlloc
GetLocalTime
GlobalHandle
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
GetFullPathNameA
GetModuleFileNameA
GetComputerNameA
GetSystemInfo
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersion
MulDiv
lstrcpyA
TlsAlloc
LocalAlloc
GlobalFlags
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentThread
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
WriteFile
VirtualFree
FlushFileBuffers
GetCurrentThreadId
lstrcmpiA
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
SetLastError
DuplicateHandle
GetLastError
FileTimeToLocalFileTime
WaitForSingleObject
CloseHandle
LoadLibraryA
FileTimeToSystemTime
lstrcpynA
VirtualAlloc
GlobalGetAtomNameA
FreeLibrary
lstrcmpA
lstrcatA
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalUnlock
GetModuleHandleA
GlobalLock
FindResourceA
GlobalFree
LockResource
LocalFree
LoadResource
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
IsBadWritePtr
InterlockedIncrement
LCMapStringA
GetEnvironmentStringsW
GetProcAddress

user32

DispatchMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
IsDialogMessageA
SetWindowTextA
ShowWindow
WaitMessage
CharUpperA
PostQuitMessage
SetCursor
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
CopyRect
IsWindowVisible
SetFocus
PeekMessageA
MessageBoxA
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetDesktopWindow
EnableWindow
SetRect
SetRectEmpty
GetClientRect
ScreenToClient
PtInRect
PostMessageA
SendMessageA
GetDC
GetSysColor
GetFocus
GetScrollInfo
GetSystemMetrics
IsWindowEnabled
CallWindowProcA
SetWindowLongA
ClientToScreen
InflateRect
WindowFromDC
ReleaseDC
GetWindowRect
OffsetRect
GetWindowDC
AdjustWindowRectEx
GetClassInfoA
DefWindowProcA
GetCapture
GetCursorPos
WindowFromPoint
SetTimer
GetTopWindow
GetWindow
UnhookWindowsHookEx
KillTimer
SetWindowsHookExA
GetWindowLongA
GetParent
GetClassNameA
CallNextHookEx
SystemParametersInfoA
UnregisterClassA

gdi32

SetPixel
MoveToEx
SelectObject
LineTo
ExtTextOutA
SetBkColor
CreatePen
GetClipBox
SetTextColor
CreateBitmap
GetObjectA
GetDeviceCaps
DeleteDC
GetStockObject
RestoreDC
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SaveDC
DeleteObject

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
GetUserNameA
RegQueryValueExA
RegFlushKey
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegUnLoadKeyA
RegEnumValueA
RegEnumKeyExA
RegSaveKeyA
RegLoadKeyA
RegRestoreKeyA

shell32

ShellExecuteA

comctl32

ord17

wsock32

accept
htons
bind
gethostname
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
recv
ioctlsocket
WSAAsyncSelect
htonl
closesocket
gethostbyname
send
sendto
inet_ntoa
socket
recvfrom
connect

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df028fb03b8704324058e3fc36b87df7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 13KB