15bcac1c13b0f4d199762b2ba77d0c02_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15bcac1c13b0f4d199762b2ba77d0c02_JaffaCakes118
Size

28KB
MD5

15bcac1c13b0f4d199762b2ba77d0c02
SHA1

d68d2eecc477f3a18f31ca32db4654439ce55cf4
SHA256

0ff75e47403665ceece12243e17fb2da432c769a6e26e37d812c1407195c83c2
SHA512

6708ffc944bf46167f3f0197cd9fd7fdd430950b125d472f1bd088ee06ed87eaaaa9e10de13ffc8bacf841c77b9efc52e325573a32faa823a4640a4878236857
SSDEEP

384:4WiL5ce75syYvnJUovffDMYUeJOONv1HXX39xYKv0+RY:rgsyMfDMYUVw1H34KDR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15bcac1c13b0f4d199762b2ba77d0c02_JaffaCakes118

Files

15bcac1c13b0f4d199762b2ba77d0c02_JaffaCakes118
.exe windows:1 windows x86 arch:x86

dd4a7a1449f47c1b7b4925e1b9f68b7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetOEMCP
LeaveCriticalSection
GetModuleHandleA
HeapAlloc
DeleteCriticalSection
CreateEventW
GetStringTypeA
SetStdHandle
GetStartupInfoA
ExitThread
TlsGetValue
WriteFile
GetTickCount
WaitForMultipleObjects
HeapCreate
SetHandleCount
FindResourceA
GetCommandLineA
lstrlenA

msvcrt

_pipe
_ismbbgraph
__p__fmode
wcsftime
__set_app_type
_rmtmp
wprintf
__getmainargs
_acmdln
_exit
_controlfp
_pctype
__setusermatherr
_except_handler3
free
fsetpos
__p__commode
_adjust_fdiv
memcpy
_initterm
_ecvt
_c_exit
exit
_XcptFilter

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ