15c714c61843a6c00bbbcc541eacdac8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15c714c61843a6c00bbbcc541eacdac8_JaffaCakes118
Size

145KB
MD5

15c714c61843a6c00bbbcc541eacdac8
SHA1

29bd7c14ed4a5753c99525db538cfdadf8b39782
SHA256

048dca0404d9545f5d15695e767fd28fa044f7e4875c56992012672e3fedee06
SHA512

a00a85e328bfd1c8edb563f873b3b77a360d697170351df1468457eb63572fc1166107733406b824716f74e0a20b832d8a8815e3f83d9d82960002cdc26d4bd5
SSDEEP

3072:xURDIQyYHQuA4VbI5z8r8eXykUx2v52w9Q/ssAocFmpRA2:xURDIQyArXbDyjRw98sycWRB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c714c61843a6c00bbbcc541eacdac8_JaffaCakes118

Files

15c714c61843a6c00bbbcc541eacdac8_JaffaCakes118
.exe windows:8 windows x86 arch:x86

cbf526244d3637f52cc73ec937392c5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord29

kernel32

FormatMessageA
GetCurrentThread
ConvertDefaultLocale
GetFileSize
GetSystemWindowsDirectoryA
LocalReAlloc
GetShortPathNameW
HeapSize
GlobalFree
HeapReAlloc
GetTempFileNameA
GetPriorityClass
SetCurrentDirectoryA
GetFileAttributesA
GlobalLock
GetHandleInformation
MulDiv
QueryPerformanceCounter
lstrcmpA
EscapeCommFunction
WinExec
EnumResourceNamesW
DeleteAtom
SetPriorityClass
ReleaseMutex
EnumResourceLanguagesA
TryEnterCriticalSection
MoveFileExW
lstrcatA
CallNamedPipeW
GetCommModemStatus
VerifyVersionInfoW
OpenSemaphoreW
GetCommTimeouts
GlobalAddAtomW
GetFullPathNameW
RegisterWaitForSingleObject
CopyFileW
GetCommState
GetExitCodeThread
FindResourceA
SetThreadLocale
GetCurrentThreadId
DeleteFileA
lstrcpynA
lstrlenW
LeaveCriticalSection
GlobalReAlloc
FindFirstFileA
GetCurrentDirectoryW
InitializeCriticalSection
FindClose
FileTimeToLocalFileTime
HeapUnlock
CreateWaitableTimerA
VirtualProtect
GetModuleFileNameA
GetNumberFormatW
SetFileTime
GetSystemDefaultUILanguage
FindFirstChangeNotificationW
GetCommandLineW
GetWindowsDirectoryW
SystemTimeToFileTime
GetLongPathNameW
GetFileAttributesExA
lstrcpynW
CreateEventW
GetOverlappedResult
CreateEventA
CreateWaitableTimerW
TransactNamedPipe
LoadLibraryA
SetupComm
GetOEMCP
GetEnvironmentStringsW
OpenFile
GlobalFlags
GlobalHandle
LCMapStringA
SetCommMask
OpenFileMappingW
GetStartupInfoW
GetUserDefaultLangID
CreateFileA
LocalUnlock
SetThreadContext
IsBadStringPtrW
IsBadCodePtr
FreeResource
GetWindowsDirectoryA
GetSystemTime
SetFilePointer
FormatMessageW
VirtualFree
EnterCriticalSection
GetUserDefaultLCID
FlushViewOfFile
GetVersionExW
IsBadReadPtr
CreateMutexW
GetTempFileNameW

user32

GetKeyState
GetWindowDC

Exports

Exports

?CounterW@@YGXK@Z

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbf526244d3637f52cc73ec937392c5d

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 50KB

.idata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 93B

.data Size: 1024B - Virtual size: 537B

.data Size: 19KB - Virtual size: 19KB

.data Size: 6KB - Virtual size: 6KB

.data Size: 33KB - Virtual size: 33KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 50KB - Virtual size: 50KB

.idata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 93B

.data
Size: 1024B - Virtual size: 537B

.data
Size: 19KB - Virtual size: 19KB

.data
Size: 6KB - Virtual size: 6KB

.data
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 10KB - Virtual size: 10KB