15ce38a7284ef31d17ee4ff2dc6c44e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15ce38a7284ef31d17ee4ff2dc6c44e0_JaffaCakes118
Size

85KB
MD5

15ce38a7284ef31d17ee4ff2dc6c44e0
SHA1

3921d2b691dec04889093e60b8161252945fbade
SHA256

1e4f7674dd5c93eb021c5c4df189842c2e8bafff47c72697550a434deae73cd1
SHA512

5be07827a88ba184202d25410a3a269c0655de951c044a4412053663a4bd34f9d97fae0f094a9160df95b31f5380ad4844603d2e4ea48e33f4f16b4a14938a1c
SSDEEP

1536:balqZHDgwTxlFfUN+yKsbAwebWwWa8wlVh8c5m:JFluL9wWa8A8cs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15ce38a7284ef31d17ee4ff2dc6c44e0_JaffaCakes118

Files

15ce38a7284ef31d17ee4ff2dc6c44e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6d6438c256837ae36cc15324ca637be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegQueryValueExW
RegGetKeySecurity
RegCreateKeyExW
RegReplaceKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueW
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyExA
RegLoadKeyA
RegOpenKeyW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueA
RegQueryInfoKeyW
RegOpenKeyA
RegEnumValueW
RegFlushKey
RegCreateKeyW
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyW
RegReplaceKeyW
RegOpenKeyExW
RegOpenKeyA
RegCreateKeyExW
RegReplaceKeyA
RegDeleteValueW
RegDeleteValueA
RegEnumKeyW
RegDeleteKeyW
RegEnumValueW
RegQueryInfoKeyW
RegLoadKeyW
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
RegEnumKeyExW
RegCreateKeyW
RegCreateKeyExA
RegQueryValueExW
RegGetKeySecurity
RegLoadKeyA
RegQueryValueExA
RegFlushKey
RegQueryValueW
RegQueryValueA
RegOpenKeyExA
RegOpenKeyW
RegEnumKeyExA

user32

DrawTextW
GetCursor
DialogBoxParamA
IsWindow
DrawIconEx
DrawTextA
GetFocus
CloseWindow
InsertMenuA
CalcMenuBar
AppendMenuW
DrawIcon
GetDC
AlignRects
CopyIcon
GetWindowTextA
GetWindowTextLengthA
EndDialog
DialogBoxParamW
AppendMenuA
CopyImage
LoadMenuA
LoadCursorA
BlockInput
GetDlgItem
CopyRect
GetMenu
CreateIcon
IsMenu

kernel32

GetCommandLineA
FreeLibrary
GetCommandLineA
GlobalFree
GetCommandLineA
Sleep
GetCommandLineA
GetStringTypeW
GetCommandLineA
lstrlenA
GetCommandLineA
GetModuleHandleA
GetCommandLineA
ExitProcess
GetCommandLineA
GetLocalTime
GetCommandLineA
GetLastError
GetCommandLineA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d3ta
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r60ta
Size: 10KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b5s
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rs2c
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6d6438c256837ae36cc15324ca637be

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.d3ta Size: 49KB - Virtual size: 48KB

.r60ta Size: 10KB - Virtual size: 85KB

.b5s Size: - Virtual size: 2KB

.rs2c Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 13KB

.d3ta
Size: 49KB - Virtual size: 48KB

.r60ta
Size: 10KB - Virtual size: 85KB

.b5s
Size: - Virtual size: 2KB

.rs2c
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 4KB