15e7332c1e4e685220b4d98a80a80e18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15e7332c1e4e685220b4d98a80a80e18_JaffaCakes118
Size

161KB
MD5

15e7332c1e4e685220b4d98a80a80e18
SHA1

7f741f88a1e17d639cb1fa8e2f1ca2cb33a27075
SHA256

bb585bee349f6c7be27cb3b81789c7b0128a730431f9dd1a759f80cdb575dc20
SHA512

f0743fb195765a7aaf4549b3f711c643859eaa7785163a50abb27dbc676172cacf217ac69c737c0c150d183c4af50c0d7d3df4036c9a9c6f3a88ed2e9d0923f9
SSDEEP

3072:ymqeuvPgIFnmi8T2eyPOlgv9+C2kj2Y5liXHKPiN+qhMr+JeUQyVHOH8kHP1xQf:6euXHGTDsfvMod5wXHKPiWpyVHOceNx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e7332c1e4e685220b4d98a80a80e18_JaffaCakes118

Files

15e7332c1e4e685220b4d98a80a80e18_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8eabc962a74f78f421031f27af4149ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

M:\jkfuazuQUmtoi\cfaqeLbtesC\mUqXxXQRXgdNbx.pdb

Imports

user32

GetActiveWindow
LoadMenuW
GetForegroundWindow
GetTopWindow
FindWindowA

kernel32

HeapWalk
SetCurrentDirectoryA
lstrcmpW
GetLocaleInfoA
OpenFileMappingA
IsBadCodePtr
GetShortPathNameW
GetModuleHandleW
CreateMailslotW
LocalUnlock
FindResourceExA
DeleteCriticalSection
FindNextChangeNotification
DeleteAtom
CopyFileW

Exports

Exports

?InfiniteAllo

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jgh
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hbg
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vcb
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tre
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ