15aebc063199f54f37a7825bca03bcde_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15aebc063199f54f37a7825bca03bcde_JaffaCakes118
Size

148KB
MD5

15aebc063199f54f37a7825bca03bcde
SHA1

7d8011c11ff6f848ad1dd2d17a822dbf3143f55d
SHA256

ab8d6aa37bd2285c52b8572a237a9343904c0cb1e26f913f8332d7b627e7a208
SHA512

96ce9e4a80f21465ae2ecce0e395127643c3608d05f52f67527469bf42d55046a8ec0c4baf4faa532c9e58b61c1ecdf9eb2f6057f598e7cf0da0da00f5b6381b
SSDEEP

1536:Dvqp2dqj96gDIK9xb7+ADhEpVJJKmz2VUS18ORF5wTLNLHD9Z5:mp28Ugsob7MDJuWSTF5SLNLHZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15aebc063199f54f37a7825bca03bcde_JaffaCakes118

Files

15aebc063199f54f37a7825bca03bcde_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ad5f8b9c1ca5d6364b27149f03c3e951

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
TranslateMessage
DispatchMessageA
CharNextA
GetSystemMetrics
ShowWindow

gdi32

SetStretchBltMode
SetBkMode
SetTextAlign
GetPixel
CreatePen

kernel32

GetCommandLineA
GetWindowsDirectoryA
GlobalFindAtomA
DeleteFileA
GetCurrentProcess
GetStartupInfoA
lstrcmpA
GetCurrentThreadId
GetModuleHandleA
VirtualAlloc
VirtualFree

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Lfufmdha
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ