155b3f63d249adabb1a74fdbd9059aea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

155b3f63d249adabb1a74fdbd9059aea_JaffaCakes118
Size

51KB
MD5

155b3f63d249adabb1a74fdbd9059aea
SHA1

34c3cc56e6b7fdb70bdb3bd793b15bbaa3988984
SHA256

7f3d22436069c82eb76a3d4b8eb8894c96163d3774c53e4d4371be34cc4bcc54
SHA512

29995b7728a07fd7fa24e7f82ee357a59d7618c6f8aa368fa4de3a921de3297485bf902675e742b4ff5caaf48828c6a06f7660f83ece777d3906161d0dba1054
SSDEEP

1536:AsHgWvkb4lHfZ7vGsffg+1jBLfyP58PZUc+cvjl:AsAW39vGQnjh45jc3v5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
155b3f63d249adabb1a74fdbd9059aea_JaffaCakes118

Files

155b3f63d249adabb1a74fdbd9059aea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c746972cd8078ad36336eeaf9d28e03c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_exit
_strlwr
rand
_adjust_fdiv
_wcslwr
_wcsnicmp
iswctype
wcsrchr
_beginthreadex
_access

gdi32

SetBkColor
SetBkMode
GetStockObject
CreateDIBSection
DeleteDC
EndPage
CreatePen
SetMapMode
Polyline
SelectClipRgn
ExtTextOutA

ole32

CoDisconnectObject
CoUnmarshalInterface
CoAddRefServerProcess
OleCreateLinkToFileEx
OleCreateLink
OleNoteObjectVisible
CoFileTimeNow
OleCreateMenuDescriptor
OleCreateFromFileEx
CoTaskMemAlloc

user32

GetDlgItemTextA
ClientToScreen
PtInRect
IsZoomed
IsDialogMessageA
ScreenToClient
InvalidateRgn
PostQuitMessage
GetSysColor
SetWindowTextA
DestroyIcon

kernel32

lstrcatA
LockResource
SetUnhandledExceptionFilter
TerminateThread
GetProcessHeap
InterlockedExchange
GetEnvironmentStringsW
IsValidLocale
ResumeThread
DeleteCriticalSection
HeapDestroy
SetEndOfFile
SetEnvironmentVariableA
SearchPathA

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ