15eabe11166dd487e45a45d82a3232d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15eabe11166dd487e45a45d82a3232d3_JaffaCakes118
Size

175KB
MD5

15eabe11166dd487e45a45d82a3232d3
SHA1

d1563440ea86055b3c25ef987244515e1a91375e
SHA256

ca127f8580ebcbd2af855939b2862ac84e3f2fe9a38fb6831d9affbf29e73708
SHA512

4bec48daa968ca1c4bdaf3fe859ce694d4c97d88b63161d72977a2061ac3d83c876828f5f0703ad24fb93a100490499a0653d4fd03dfd3c562cf42df285f3309
SSDEEP

3072:0g1hAFI18t2aWY315Wv7BMq8XcdeZGqThoDu6myEBhmdeT9:18Ge2a/Rq8MC9nLhm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15eabe11166dd487e45a45d82a3232d3_JaffaCakes118

Files

15eabe11166dd487e45a45d82a3232d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92b53b7303c1ff0aba60fdb1953a14c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
CreateDirectoryW
GetCalendarInfoW
SetFileTime
GetSystemDefaultLangID
CreateFileW
DeleteFileW
GetThreadContext
LoadLibraryW
GetFileAttributesW
GetModuleFileNameW
FindNextFileW
InterlockedDecrement
FindFirstFileW
RemoveDirectoryW
ConvertDefaultLocale
LocalFileTimeToFileTime
FindClose
EnumResourceNamesA
WideCharToMultiByte
ReadFile
MultiByteToWideChar
ExitProcess
GetVersion
lstrcpyW
GetCurrentDirectoryW
EnumResourceLanguagesW
SetFilePointer
GetLocaleInfoW
GetCurrentProcessId
WriteFile
SystemTimeToFileTime
GetProcAddress

user32

SetPropW
RemovePropW
IsRectEmpty
RegisterWindowMessageW
CreateWindowExW
CharUpperW
GetNextDlgTabItem
WinHelpW
SendDlgItemMessageA
GetPropW
GetClassInfoExW
InvalidateRgn
SetRect
CharNextW
GetClassLongW
MessageBeep
CopyAcceleratorTableW
GetNextDlgGroupItem
InvalidateRect
DestroyMenu

gdi32

ScaleViewportExtEx
GetStockObject
SetWindowExtEx
PtVisible
SetViewportOrgEx
GetMapMode
Escape
ExtSelectClipRgn
GetTextColor
DeleteDC
SelectObject
GetBkColor
OffsetViewportOrgEx
RectVisible
ExtTextOutW
ScaleWindowExtEx
GetDeviceCaps
TextOutW
GetRgnBox

shlwapi

PathStripToRootW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoGetClassObject
StgCreateDocfileOnILockBytes
CoUninitialize
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleInitialize
OleUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
CoCreateInstance
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoInitialize
CLSIDFromProgID
CLSIDFromString

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92b53b7303c1ff0aba60fdb1953a14c2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

shell32

ole32

advapi32

oleacc

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 68KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 68KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB