15fb7fb799a9f7eb6189de5bc5ffe5b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15fb7fb799a9f7eb6189de5bc5ffe5b6_JaffaCakes118
Size

69KB
MD5

15fb7fb799a9f7eb6189de5bc5ffe5b6
SHA1

02c9cd7f0278c55d1596dd3dbdc6128633738dbc
SHA256

e82ae217a927cd43cf8d7c678240042afd25fdaaacd00c9e3141a82b3f793776
SHA512

9799cd86827a3b8754bc508a966e065619bc089488a4012ca48c37b8f365cf9a328922bc6ce63db326dad287c0bdab642e0bf204612376635eff8d16a8d1b29c
SSDEEP

1536:4Rh0OG/DbUz4ExwQfx+TJIvcf82Q7lc1D21RSJmBHtdjsyo:4Rh0x/XUMExw4YBkBhUDyBHtdoyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15fb7fb799a9f7eb6189de5bc5ffe5b6_JaffaCakes118

Files

15fb7fb799a9f7eb6189de5bc5ffe5b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71d2c4d110f1d1022a21368dab4abb2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetModuleHandleW
GetVersionExA
HeapAlloc
HeapCreate
LocalFree
lstrcmpA

advapi32

AccessCheckByTypeResultListAndAuditAlarmA

setupapi

SetupDiOpenDevRegKey
SetupUninstallOEMInfW

user32

SendMessageA
SendMessageTimeoutW
GetIconInfo

Sections

.text
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ