1b15c6f5f80dc6232b71c48c60bb533c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b15c6f5f80dc6232b71c48c60bb533c_JaffaCakes118
Size

109KB
MD5

1b15c6f5f80dc6232b71c48c60bb533c
SHA1

83b1ce8084ae7fcdb3399ce0694627f17cfe0609
SHA256

35be7f8d7d6c31b331e5f7532b3de53dd6c16b53c30af0dcae04f598d1628f87
SHA512

34ee53419e652a0b719c105cb58440dde5f014b7bf522cea3b53d69a561ba9b9b71c04e95f922fcde3fbc6157efa7e86b26328cf92ac9f41c17a564b775ea297
SSDEEP

1536:qn5A4iEe4wYt5bnSr7aVQK+6LulEN/6zTlGTkjURDoq4OZZZLlCIib:fEeNYtgviul5zTlGTfRD68wb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b15c6f5f80dc6232b71c48c60bb533c_JaffaCakes118

Files

1b15c6f5f80dc6232b71c48c60bb533c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9777c4479bdb340dbde3986de5b25e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegEnumKeyW
RegSetValueA
RegDeleteKeyA
RegEnumValueW
RegCreateKeyExW

comctl32

ImageList_Draw
ImageList_Destroy
CreateToolbar
DllGetVersion
DrawStatusText
ImageList_Add
ImageList_LoadImageW
ImageList_EndDrag

gdi32

CreateBrushIndirect
GetClipBox
CreateHalftonePalette
ExcludeClipRect
CreateSolidBrush
RestoreDC
CreatePenIndirect
GetDCOrgEx
CreatePalette

user32

DrawTextW
GetCursor
GetFocus
IsMenu
IsWindow
CopyImage
GetDC

kernel32

FindAtomA
GetFileSize
CreateProcessA
OpenFile
ReadFile
WriteFile
GetComputerNameA
DeleteFileW
DeleteFileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 59B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ