15155a0c052cb905d4b4f2737f7e331b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15155a0c052cb905d4b4f2737f7e331b_JaffaCakes118
Size

109KB
MD5

15155a0c052cb905d4b4f2737f7e331b
SHA1

a84360721f984a88dc303f22804c2179d1e36bf5
SHA256

d71af95d968cccddff43c51eeee13bfd75d1d4a6fb248557d50db953d6cc30df
SHA512

331b029f17c138d84c6a588b4b3ecf766f282afb805ed700fdb2a89d537f8c14a942e73bb6415474558acd6c9fe8ae3e4cc97bd87482aa711cfd0aba02c20378
SSDEEP

1536:/Pm4x1OKTSvayyqi0RCwmVwk1RUnAWwQzvxotyQ3iS+s1N6qQnjgTQiRiN8IafAj:XmuTSvzyqi0Cw6GwQz5SSS+wN2afAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15155a0c052cb905d4b4f2737f7e331b_JaffaCakes118

Files

15155a0c052cb905d4b4f2737f7e331b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

29b0afe12654a342744f865f4db58edf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
lstrlenW
GlobalFindAtomA
lstrcmpA
GetSystemTime
DeleteFileA
lstrcmpiA
lstrlenA
GetCommandLineA
GetWindowsDirectoryA
VirtualAlloc
lstrcmpiW
QueryPerformanceCounter
VirtualFree
GetModuleHandleA
RemoveDirectoryW
FindClose
CopyFileA

gdi32

GetObjectA
GetStockObject
CreateFontIndirectA
GetClipBox
SetTextAlign
DeleteObject
SelectPalette
DeleteDC
GetDeviceCaps
RestoreDC
SelectObject
SetStretchBltMode
GetTextMetricsA
SetTextColor
LineTo
CreateCompatibleDC
RectVisible
GetPixel
CreateSolidBrush
CreatePalette
SetMapMode

user32

GetSystemMetrics
GetParent
TranslateMessage
GetDesktopWindow
CharNextA
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ