15daf9dd01d7431bc18a7304eb53f3a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15daf9dd01d7431bc18a7304eb53f3a7_JaffaCakes118
Size

146KB
MD5

15daf9dd01d7431bc18a7304eb53f3a7
SHA1

03399742b2cfad56b131756eefa46e642454f713
SHA256

1eea740fb693360705adc45cee9ad5da9cc98d95e40cdf731855ba3860da9b69
SHA512

c63b912cd575570e84265ea70942d4b757d1e89d68a6b026df2c41fa5ef8b8d1920433a7569c25796e55afa2275b07cdfd3c9d4c4e336ba113eabecf8585eb47
SSDEEP

3072:MDzbisldAxDO3YC1t8Wuhhk1mBFgmg/QzM+aW3J78ruvDqEVE3js:M/bi2dYDOIcyWm4Mimg/QzMPW3JgCpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15daf9dd01d7431bc18a7304eb53f3a7_JaffaCakes118

Files

15daf9dd01d7431bc18a7304eb53f3a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c9e51edf08d3e546a4e5feef03ef6ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetLocalTime
LocalSize
VirtualAlloc
GetOEMCP
GlobalFree
EnterCriticalSection
GlobalLock
CloseHandle
DeleteAtom
lstrcpyn
GetProcessHeap
SetCommBreak
LoadResource
LoadLibraryExA
SetConsolePalette
GetStdHandle
GetProfileStringA
ExitThread
RaiseException
GlobalAddAtomA

user32

ReleaseDC
AlignRects
GetWindow
GetWindowTextA
DrawEdge
GetDC
ValidateRect
IsIconic
GetForegroundWindow
GetWindowTextLengthA
CloseWindow
GetParent
ShowWindow
BeginPaint
EndPaint
GetClassInfoExA
GetActiveWindow
GetFocus
GetClassNameA

wsock32

WSAGetLastError
WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ