15453c9e779d0bcf83f2dfc98620e9da_JaffaCakes118 | Triage

Sharing

General

Target

15453c9e779d0bcf83f2dfc98620e9da_JaffaCakes118
Size

162KB
MD5

15453c9e779d0bcf83f2dfc98620e9da
SHA1

e6311baf5f5f88d731b7f212fa0e5971558762e2
SHA256

da0c501d3da6a4e4fc4f7f69e4f33e14bdbf8ab479ada571a13d9e3188eee953
SHA512

6ab4fd69ae705e8d17aa79b138af8e0166f9ff9d90d36b96b088dc87db70810fd002960283f8265607fb67065bc5c02ee79186454b25a09cabfe4856fcb2ad8d
SSDEEP

3072:4c5kEgs8RAVV0GWQCDfwRc5ksBoIDMk/yut7ERZOH3p:MM8RIGG7838MqOH3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15453c9e779d0bcf83f2dfc98620e9da_JaffaCakes118

Files

15453c9e779d0bcf83f2dfc98620e9da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

222000ed758720a8c2a11fb65b4d182a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

user32

wsprintfW
SendMessageA
DispatchMessageW
PostThreadMessageW
CharNextW
KillTimer
SetTimer
TranslateMessage
GetMessageW
GetDC
CharUpperW
UnregisterClassA

kernel32

MultiByteToWideChar
LockResource
lstrcpyA
OutputDebugStringW
GetProcessAffinityMask
WideCharToMultiByte
GlobalFree
FindClose
lstrcpyW
lstrcmpiW
EnumResourceNamesW
InitializeCriticalSection
GetTickCount
GetCPInfo
FreeEnvironmentStringsW
GetACP
GetLastError
lstrcpyA
lstrlenW
GlobalAlloc
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ