15b72360f7d148f97e6fdec1e600fa66_JaffaCakes118

General

Target

15b72360f7d148f97e6fdec1e600fa66_JaffaCakes118
Size

133KB
MD5

15b72360f7d148f97e6fdec1e600fa66
SHA1

f25e9f0fad16b02fb5da34bbb829b07fe006b04c
SHA256

a1cfd1dcf359e80066ff133b0e99200755e26c355008bc0464a127d7ed63d52f
SHA512

8bc6dbc84b251fd3e8896a9091c3726a52f8ed72b10beb8cfd7ae99153aeec91fe9d068a1e8b0f76b3bd7efed41b07a67c8dad4b084793546d7751fd0a448952
SSDEEP

3072:l/wXXm02jkcp+JxdwDizaZqVuwA1Fl1g51YM860d5:GDhc8Jo2akVuwoFl1kLR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b72360f7d148f97e6fdec1e600fa66_JaffaCakes118

Files

15b72360f7d148f97e6fdec1e600fa66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Write
ImageList_DragShowNolock
ImageList_Draw

kernel32

SetFilePointer
FindClose
GetProcAddress
GetCurrentProcessId
CloseHandle
WaitForSingleObject
VirtualAlloc
LoadLibraryA
lstrcmpiA
SetLastError
DeleteFileA
ExitProcess
SetErrorMode
Sleep
GetOEMCP
GetCurrentThreadId
GetCPInfo
HeapAlloc
GetACP
GetCommandLineA
LocalFree
FreeResource
GetTempPathA
EnterCriticalSection

version

VerInstallFileA
VerFindFileA

user32

RedrawWindow
PostMessageA
GetMenu
GetDC
PeekMessageW
IsCharLowerA

Exports

Exports

_B8PyfN9eX8sVea@8

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

Imports

comctl32

kernel32

version

user32

Exports

Exports

Sections

CODE Size: 11KB - Virtual size: 11KB

.data Size: 11KB - Virtual size: 130KB

.lkdata Size: 105KB - Virtual size: 104KB

.idata Size: 1KB - Virtual size: 1KB

.jdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 11KB - Virtual size: 11KB

.data
Size: 11KB - Virtual size: 130KB

.lkdata
Size: 105KB - Virtual size: 104KB

.idata
Size: 1KB - Virtual size: 1KB

.jdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB