15bd1d87e6a755cc649062583b86d463_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15bd1d87e6a755cc649062583b86d463_JaffaCakes118
Size

743KB
MD5

15bd1d87e6a755cc649062583b86d463
SHA1

67fb3c542606d45aab018d400cf7f6403ca004f7
SHA256

a02355bfd02898116295d102dff4b7c612886cc2e32137de0d760eca1f83c29e
SHA512

6c18e0c5ffe147d6528662a491f1f10683b2c7b594389eaaba2bd71b5815ad363104264c699ccf84e8eb4d26943fd2da468b52940a4df213d7e583b16ed90229
SSDEEP

12288:q3kZ3N/IAglXYflZwiFJbO7cxMRbXqhI+N+b1YVTPs/sVmeU/vTs25w3pDZk:qOdXglYzwaU8MRWdTPPXUT75q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15bd1d87e6a755cc649062583b86d463_JaffaCakes118

Files

15bd1d87e6a755cc649062583b86d463_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9593b9c387422f775175d2611646c4ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
TlsFree
FindResourceExA
VirtualProtect
lstrlenA
GetLocalTime
PulseEvent
SetEvent
FreeConsole
CloseHandle
GlobalFlags
GetBinaryTypeA
GetACP
GetSystemTime
AddAtomA
GetModuleHandleA
InterlockedExchange
HeapReAlloc
GetTickCount
GetVersion
ExitProcess

user32

PostMessageA
ScrollDC
InflateRect
DestroyMenu
SetSysColors
GetWindowTextA
MessageBoxA
TranslateMessage
InsertMenuA
EnableScrollBar
SetPropA
GetKeyboardLayout
DialogBoxParamA
GetWindowLongA
GetMenu
GetMenuStringA
UpdateWindow
GetParent
GetDlgItem
DispatchMessageA
SetWindowPos
EqualRect
PostQuitMessage
CopyRect
ShowWindow
GetSubMenu
GetScrollRange
ModifyMenuA
LoadIconA

shlwapi

StrTrimA
UrlCombineA
UrlHashA
StrToIntExA
StrToIntA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ