15fe6959410d5928027242ae18841ff7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15fe6959410d5928027242ae18841ff7_JaffaCakes118
Size

291KB
MD5

15fe6959410d5928027242ae18841ff7
SHA1

c7cfd7eb1ec79a109b06b8766bf94ad377a187c6
SHA256

1503fb0a11d4a7ff7bde614d5cf0dfebe6361bdb67d6f0e3cfcbfdb7e7d58397
SHA512

270147ae4efbec4bd5ed1397e1b57e2847f8d4cf81e7e73fcc25838d91e3c1f4876b86afef50379907aef734a9da1fa635a17df4762e0fe208e036f911563d1d
SSDEEP

6144:1vA5VGRahxxaawKz5o4N7tgIe1N8ec5HENa0x5XyP5:wVhL5o4NxNH/0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15fe6959410d5928027242ae18841ff7_JaffaCakes118

Files

15fe6959410d5928027242ae18841ff7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c455aac4ae52bd26245ec9a78bd4e749

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
OleRun
CoUninitialize
CoTaskMemRealloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
StringFromCLSID
CoInitializeEx
StringFromGUID2
CoTaskMemFree
CoCreateGuid
CoCreateInstance

wintrust

WinVerifyTrust

shell32

SHGetFolderPathW
CommandLineToArgvW

psapi

GetModuleBaseNameW

cabinet

ord21
ord20
ord23
ord22

crypt32

CryptUnprotectData
CertFreeCertificateContext
CryptDecodeObject
CryptQueryObject
CryptHashPublicKeyInfo
CertFreeCertificateChain
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertVerifyCertificateChainPolicy
CryptMsgGetAndVerifySigner
CertGetCertificateChain

kernel32

IsProcessorFeaturePresent
FormatMessageW
Process32NextW
GetPrivateProfileStringW
HeapFree
GetSystemWindowsDirectoryW
CreateFileMappingW
MapViewOfFile
FindResourceExW
Module32FirstW
lstrlenW
GetFileInformationByHandle
CreateEventW
GetTempFileNameW
CreateThread
GetCommandLineW
DuplicateHandle
GetSystemTime
WideCharToMultiByte
HeapSize
RemoveDirectoryW
CreateProcessW
GetTempPathW
SetHandleCount
HeapAlloc
GetWindowsDirectoryW
IsWow64Process
CreateDirectoryW
FreeLibrary
DeleteFileW
RtlUnwind
SetEnvironmentVariableA
CopyFileW
WriteConsoleW
SetStdHandle
ResumeThread
LoadResource
CompareStringW
LockResource
WriteFile
SetEndOfFile
GetTimeZoneInformation
GetModuleHandleW
GetProcessHeap
FlushFileBuffers
GetShortPathNameW
GetFileSizeEx
GetSystemDirectoryW
ExitThread
GetCurrentDirectoryW
FreeEnvironmentStringsW
IsValidLocale
IsDebuggerPresent
GetStdHandle
SetFilePointer
TlsGetValue
EnumUILanguagesW
FileTimeToSystemTime
GetFileSize
Process32FirstW
GetCurrentThreadId
ReleaseMutex
OutputDebugStringW
MulDiv
CloseHandle
GetFullPathNameW
EnterCriticalSection
GetDriveTypeW
CreateFileW
FindFirstFileExW
GetUserDefaultLCID
GetConsoleCP
CreateToolhelp32Snapshot
PeekNamedPipe
GetOEMCP
TlsSetValue
SetUnhandledExceptionFilter
DeleteCriticalSection
IsValidCodePage
LoadLibraryExW
FindFirstFileW
lstrcmpA
SetLastError
HeapDestroy
GetDiskFreeSpaceExW
SetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
HeapReAlloc
LeaveCriticalSection
EnumSystemLocalesA
TlsFree
GetSystemInfo
SetEnvironmentVariableW
UnhandledExceptionFilter
UnmapViewOfFile
ReadFile
FindResourceW
CreateMutexW
lstrcmpiW
RaiseException
GetACP
OpenProcess
LocalAlloc
GetCommandLineA
LCMapStringW
lstrlenA
ResetEvent
WaitForMultipleObjects
GetSystemTimeAsFileTime
lstrcmpW
WaitForSingleObject
GetLocalTime
ExpandEnvironmentStringsW
OpenMutexW
GetConsoleMode
GetFileAttributesExW
GetFileType
SizeofResource
GetDiskFreeSpaceW
FindNextFileW
LocalFree
GetPrivateProfileSectionW
FindClose
TlsAlloc
VirtualAllocEx

shlwapi

PathCombineW
PathIsSameRootW
PathAppendW
PathAddBackslashW
PathIsRootW
PathCanonicalizeW
PathRemoveBlanksW
PathRemoveFileSpecW
PathStripToRootW
PathRemoveBackslashW
PathCommonPrefixW

advapi32

LsaClose
QueryServiceConfigW
RegCreateKeyExW
LsaQueryInformationPolicy
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
LsaOpenPolicy
RegEnumValueW
OpenServiceW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
LsaFreeMemory
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
RegOpenKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

setupapi

SetupIterateCabinetW

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW

oleaut32

LoadTypeLi
VariantCopy
VarBstrCmp
SysAllocString
DispGetParam
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
VarUI4FromStr
VariantInit
CreateErrorInfo
SysStringLen
SysAllocStringLen
SetErrorInfo
VariantClear
SafeArrayPutElement
SafeArrayDestroy
GetErrorInfo
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SafeArrayCreate

user32

GetDC
TranslateMessage
CharNextW
PeekMessageW
ReleaseDC
SystemParametersInfoW
MessageBoxW
DispatchMessageW
CharPrevW
GetSystemMetrics
MsgWaitForMultipleObjects
SetWindowLongA

comctl32

CreateStatusWindow
FlatSB_SetScrollRange
ImageList_DragLeave
FlatSB_SetScrollInfo
MakeDragList
ImageList_GetIconSize

untfs

FormatEx
Extend

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 105KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 107KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c455aac4ae52bd26245ec9a78bd4e749

Headers

File Characteristics

Imports

ole32

wintrust

shell32

psapi

cabinet

crypt32

kernel32

shlwapi

advapi32

version

setupapi

gdi32

oleaut32

user32

comctl32

untfs

Sections

.text Size: 20KB - Virtual size: 19KB

.bss Size: 105KB - Virtual size: 758KB

.reloc Size: 107KB - Virtual size: 347KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 44KB - Virtual size: 923KB

.rsrc Size: 7KB - Virtual size: 66KB

.text
Size: 20KB - Virtual size: 19KB

.bss
Size: 105KB - Virtual size: 758KB

.reloc
Size: 107KB - Virtual size: 347KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 44KB - Virtual size: 923KB

.rsrc
Size: 7KB - Virtual size: 66KB