15f2930f264258e0756b766927546b04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15f2930f264258e0756b766927546b04_JaffaCakes118
Size

340KB
MD5

15f2930f264258e0756b766927546b04
SHA1

8770ba788af5f26db0f734abe867f8b627ab466e
SHA256

1b32a2e4bbb848febc83cf193289913ee41414d0d21c2890f0e70db8257c10d6
SHA512

de737c2772406c25223580e80e6bdc0feb1f9c57eb5c790ac1cd71cf8295e962f13db7cfb0c04d25445f1a9254f76159a492cc7fa1a6c719cdb2444ae60b64b4
SSDEEP

6144:Dtcqs5XDmBZVDjDS3tUo0yTAnm6BYJ/wieFT2vatxeLVYkb1HXLGgl4zHpQtiu2t:5cqsVPeYAm6+/wieFTJeLVY+Ll4tQmvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15f2930f264258e0756b766927546b04_JaffaCakes118

Files

15f2930f264258e0756b766927546b04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9003dffc2068221d22d388be6ff145cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GlobalUnlock
CreateFileMappingA
lstrlenW
LocalFree
GlobalLock
FreeEnvironmentStringsA
GetConsoleCP
GetLastError
GetModuleHandleA
IsBadReadPtr
GetACP
HeapCreate
GetStdHandle
CloseHandle
CreateEventA
FindClose
IsDebuggerPresent
GetPrivateProfileIntA
CreateFileA

user32

GetDC
GetListBoxInfo
SetFocus
GetIconInfo
RedrawWindow
GetDlgItemTextA
DispatchMessageA
GetDlgItem
CheckMenuItem
DialogBoxParamA
GetMessageA
IsWindow
EndDialog
DrawIconEx

uxtheme

DrawThemeIcon
EnableTheming
GetThemeColor
GetThemeMetric
CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ