15e999cf732c4b9afcf4c260f88181cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15e999cf732c4b9afcf4c260f88181cc_JaffaCakes118
Size

188KB
MD5

15e999cf732c4b9afcf4c260f88181cc
SHA1

abdeda0da28b78432c4f3e1fcbd7d56d6aa6d9c8
SHA256

9ed3d7803f1e46a5032b327304829f65a22a7b66edd3c5ca05556236b108ce78
SHA512

74df4e86e27827919ddcb3aa66ff789a64ee045579076e02d1ca96839d9df52ce24ffa03866c246bd6cc639d287940ef844db72c78cb489c078f7666b7e1bc26
SSDEEP

3072:wvfCsRjOBavFnyWv2GOGW/NVCCgTYuHskK9sEV4514TTYvVlLkXXpYV9EV/Fhs:w3zY0Fy7/NVCCgTYuHsF9sEVoSo7OpYm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e999cf732c4b9afcf4c260f88181cc_JaffaCakes118

Files

15e999cf732c4b9afcf4c260f88181cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

859a829b0c0877c631b9547d00bedcb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ReleaseCapture
IsWindow
ReleaseDC
GetSysColor
LoadCursorA
FillRect
GetWindowInfo
SetWindowPos
GetDlgItem
SetCursor
MoveWindow
GetDC
SetWindowLongA
GetWindowLongA
SetCapture

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

SetTapePosition
GetVersion
ClearCommError
GetCurrentProcessId
GetLocalTime
GetWindowsDirectoryA
EnumResourceNamesA
FindClose
Sleep
FatalExit
InterlockedExchange
FindFirstFileA

gdi32

GetTextExtentPoint32A
CreateRectRgn
SelectObject
CreateCompatibleDC
DeleteMetaFile
GetDeviceCaps
DeleteObject
CreateFontIndirectA
SaveDC
EnumFontFamiliesExA
GetStockObject
DeleteDC
CreateSolidBrush
SetTextColor
RestoreDC
SetBkMode
TextOutA
Rectangle
GetObjectA
BitBlt
CreateCompatibleBitmap

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

859a829b0c0877c631b9547d00bedcb1

Headers

File Characteristics

Imports

user32

advapi32

ole32

winmm

version

kernel32

gdi32

oleacc

shell32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 31KB - Virtual size: 31KB

.lib Size: 512B - Virtual size: 232KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 31KB - Virtual size: 31KB

.lib
Size: 512B - Virtual size: 232KB