Static task: static1
Behavioral task: behavioral1
Sample: 15e1a398ea496cf2f8921484849864ab_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 15e1a398ea496cf2f8921484849864ab_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 15e1a398ea496cf2f8921484849864ab_JaffaCakes118
Size: 240KB
MD5: 15e1a398ea496cf2f8921484849864ab
SHA1: 5275138c3ec09d6753bd294f728799e3005169cf
SHA256: 56614a2df14e84b929da9eeebb047786392278e4f7fd15f80c9e79dc44cc7350
SHA512: 1dc33ed80fc718c97e945d42868fcd32c8b7b2df08923847cf579020b93134eba96c213f4e14a45d7dab74c5a98ae4b487c730ee1d236e05bcbb83976026ae78
SSDEEP: 6144:UBwpAnhUnRXTXAed8HRj+Dig/7deLC8/bOgGcAVUTzm9:RAniRjQyhDHeLx6g5AVH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15e1a398ea496cf2f8921484849864ab_JaffaCakes118
Files
15e1a398ea496cf2f8921484849864ab_JaffaCakes118.exe windows:4 windows x86 arch:x86
d657adebe5f3d4d2565ae27ce5daf1fa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDiskFreeSpaceExW
GetConsoleScreenBufferInfo
GetLogicalDrives
_lcreat
CallNamedPipeA
GetCurrencyFormatA
PeekNamedPipe
user32
TranslateAcceleratorW
GetClipboardFormatNameA
ClipCursor
IsWindowEnabled
SetMessageQueue
SetCapture
ToAscii
GetProcessWindowStation
gdi32
GetCharABCWidthsFloatA
CreateDIBPatternBrush
GetTextExtentPointA
SetPolyFillMode
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 674B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data0 Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE