15da5c59b6ba90f2e7cd66f0819064e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15da5c59b6ba90f2e7cd66f0819064e6_JaffaCakes118
Size

159KB
MD5

15da5c59b6ba90f2e7cd66f0819064e6
SHA1

b6b16d9c907bba4d695f9058126caed32c594da1
SHA256

8ba9538dbcbfc12159ab54861e343fb0739fc288793f294c7ea4c541390e36dc
SHA512

66b61e1d9a6eea5abbcc10a7523521dc73880312054217f3b164ca004f3390ad5b082d845cf7f37ba6841509b2f441b3d383b34a05373ab4f0bfdba9d0b2d394
SSDEEP

3072:x1fw+sjPP8fjx0uqTywyVkN7HCdlgx17ZSMesG91m51Dro4MhY:3fxsjPPox0utM6lgx1ZSMFG7R4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15da5c59b6ba90f2e7cd66f0819064e6_JaffaCakes118

Files

15da5c59b6ba90f2e7cd66f0819064e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4113985e2ab66f2d531d54dbc857f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GlobalAddAtomA
SetCommBreak
GlobalFree
LocalSize
CloseHandle
GlobalFindAtomA
LoadLibraryExA
LoadResource
GlobalCompact
GetProfileStringA
GetStdHandle
GetProcessHeap
EnterCriticalSection
VirtualAlloc
GetOEMCP
GlobalLock
ExitThread
GetCommState
lstrcpyn
DeleteAtom

user32

GetWindow
IsIconic
ReleaseDC
CloseWindow
AlignRects
GetParent
GetWindowTextLengthA
EndPaint
GetClassNameA
GetActiveWindow
GetForegroundWindow
GetFocus
GetDC
GetWindowTextA
DrawEdge
BeginPaint
ShowWindow
GetClassInfoExA
ValidateRect

wsock32

WSAStartup
WSACleanup
WSAAsyncGetServByPort
WSAGetLastError
WSASetBlockingHook

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ