15944deac8b40aeb49e27dceef72679b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15944deac8b40aeb49e27dceef72679b_JaffaCakes118
Size

56KB
MD5

15944deac8b40aeb49e27dceef72679b
SHA1

330cb5a4e764711789400ac0fff1829d2db0be48
SHA256

6eddf75381ead6b8e25792ac4c5268c06124e1181665179ffdf7d5bac88aca6c
SHA512

1688434f9fbe510fe2e901c3d5c4399ab61a32971d93ee8400f8df5f7556d0cf7750661de1fa626220ae7d0eef258f441192b4ec0449235c062d28a48aa77829
SSDEEP

768:ymzzIMW0CGlQUqo4ZDLoQjiuqRNfOVw8z6/tFd1bEg49jnAHVakE:y29W0CBUqoUoQji1RhOVbzEiBZnaak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15944deac8b40aeb49e27dceef72679b_JaffaCakes118

Files

15944deac8b40aeb49e27dceef72679b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53cea03d8c3d7e7a91035992db51ebf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
SetEndOfFile
ReadFile
GetCurrentProcessId
GetCurrentThread
FindClose
SetLastError
FindNextChangeNotification
lstrcpyW
GlobalAddAtomW
FreeResource
GetLastError
FindFirstFileW
FileTimeToSystemTime
FindResourceExW
SuspendThread
GetProcAddress
WriteFile
CloseHandle
FreeLibrary
LoadLibraryA
MoveFileW
GetSystemTime
TerminateThread
GlobalFree
LoadLibraryW
GetFileSize
GetDriveTypeW
DuplicateHandle
GlobalLock

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE