015959b022ea25824a8119c2763dd446_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

015959b022ea25824a8119c2763dd446_JaffaCakes118
Size

142KB
MD5

015959b022ea25824a8119c2763dd446
SHA1

9b8d58b31893eebf85b4c1d8ac25c2e34bad8184
SHA256

b71c5c63b1a97b01da92c99923deb2e3e5d560d3cbce5b690095102077fa08d4
SHA512

6b498675c59bc76aa577148e5c11ad60c54618960decc2dfbf7317a80cceeb25b3122ed48bceb3b83cba946baa407bd562cb5bfdf4c1ab8a588dd57658054887
SSDEEP

3072:26vpsEUghejVDYWGoSYlo808aGQJQIFzf5N63LMT7s3E3HfLYPa:26vamhejVW1Yx01GgX8qV3/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
015959b022ea25824a8119c2763dd446_JaffaCakes118

Files

015959b022ea25824a8119c2763dd446_JaffaCakes118
.exe windows:4 windows x86 arch:x86

847b73f5da859d99fdef842df675b3ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
EnumSystemLocalesA
RegisterConsoleVDM
GetProfileStringW
GetConsoleCursorInfo
GetTimeFormatA
GetConsoleDisplayMode
FindFirstFileExW
EndUpdateResourceA
GetNamedPipeHandleStateW
GetConsoleMode

user32

OemToCharW
CharToOemBuffA
SystemParametersInfoW
RemoveMenu
InitializeLpkHooks
UnloadKeyboardLayout
DdeUnaccessData
DdeGetData
UserClientDllInitialize
TileWindows
GetKeyboardLayoutList
SetUserObjectInformationW

shell32

SHAppBarMessage
StrCmpNIA
SHGetInstanceExplorer
SHGetDataFromIDListW

gdi32

GetTextExtentPointI
AddFontResourceTracking
SetPixelFormat
ResizePalette

Sections

.code
Size: 9KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ