15f08d3bcb6620fbde7c8e05ba39258c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15f08d3bcb6620fbde7c8e05ba39258c_JaffaCakes118
Size

21KB
MD5

15f08d3bcb6620fbde7c8e05ba39258c
SHA1

9aa609faa640c7cccfa5deee39cbb8da2d0f6412
SHA256

6efbeceebe40218b7c3bc9c7b3dac0d36bc6db1bb703c4a2492bb2441c122493
SHA512

60d05bf44bc215a38f43c1e485f67c95b44ba1962af01341b631e3e976f4e75edf3302afdc3b69424072bb6d30565e2b708685162ffdffc388ff6f7ea85b0c12
SSDEEP

384:jgxTDwA18mFbYiO3U5+Nh4wKlsNwy2iSaarZSmL/goVnBr+P+pybESv:jgxTDwAmGbi3UoNyws6wjirQUH2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15f08d3bcb6620fbde7c8e05ba39258c_JaffaCakes118

Files

15f08d3bcb6620fbde7c8e05ba39258c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

0b65d6af1e9cb02beb2b4a173e985c76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitNamedPipeA
lstrcpynA
ScrollConsoleScreenBufferW
GetConsoleAliasesW
RemoveDirectoryA
lstrcpynA
WriteProfileStringW
GetDiskFreeSpaceExA
CreateJobObjectA
SetConsoleNumberOfCommandsW
GetPrivateProfileIntA
GetEnvironmentStringsA

user32

CreateWindowExA
IsCharAlphaA
CreateWindowExA
CharUpperA
GetMonitorInfoW
EnumPropsA
MessageBoxIndirectA
InsertMenuA
TranslateAcceleratorA

gdi32

GetTextExtentExPointA
CreateMetaFileA
EnumFontFamiliesA
ExtTextOutW
GetEnhMetaFileDescriptionA
GetTextExtentPointA

Sections

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ