615d92ca148afef95c9fc5c6d765d300_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

615d92ca148afef95c9fc5c6d765d300_JaffaCakes118
Size

428KB
MD5

615d92ca148afef95c9fc5c6d765d300
SHA1

18049edef0c172e94beb68b0e32e41cf0d13df6d
SHA256

5033eaa22bcaa7df82260da3bf522a78a623e0f66c72c6198957977da7ba246c
SHA512

f18e1f4cf2b4320841ca94bcb7c1f17d5718613322c8273d7597242aad24e7a1b2c44196d528f1b6b564300140bf94b1f26b7fa7d84cdf4019d67f41e752c7f7
SSDEEP

6144:CiqrKL2ec9KfxSOXou26GA/D+MzsXmxFit+Hg9iWLvJNS7Syckgd4HkRcqD/etvs:1L9xCqOMzsXmaiWLDS7QzuoD/XAbCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
615d92ca148afef95c9fc5c6d765d300_JaffaCakes118

Files

615d92ca148afef95c9fc5c6d765d300_JaffaCakes118
.exe windows:5 windows x86 arch:x86

92a0a723dc1f1ed28f879ad127a79e62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualQuery
RaiseException
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
SetLastError
HeapSize
ExitProcess
TlsGetValue

user32

GetWindowTextLengthW

gdi32

GetEnhMetaFileW
EndPage
StartPage
EndDoc
StartDocW
RealizePalette
GetBkColor

Sections

.text
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ