c15bb6f090777dd46fc5966eb5682916_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c15bb6f090777dd46fc5966eb5682916_JaffaCakes118
Size

114KB
MD5

c15bb6f090777dd46fc5966eb5682916
SHA1

b393f4d524cf08e0497bfdd84274304b2bf0f7b7
SHA256

2b22eb58eb030aea5980f4e04e069bc6fa2c4ca5748d7293693f2817adff0123
SHA512

7a0fa2a486d06e6d1853b25b3a75d2040a5248f0f884d017b5988698ad8064130456f44ea4264442c9bcd89d3dabbe4b0b08378b402e6298f34b766376fbe7fb
SSDEEP

1536:lbIMlzKQtP2rQKI3LsoOXP9GNlBW1eanE4uOv+CdTytBjYH2kpmrd4kg0cFJ8s+B:qKjsoU9GNbmeMBu+d2vG2kpmredF3Ze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c15bb6f090777dd46fc5966eb5682916_JaffaCakes118

Files

c15bb6f090777dd46fc5966eb5682916_JaffaCakes118
.dll windows:6 windows x86 arch:x86

38925d8001f54dfda08ee4cb986fe572

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\goepson\103fc2\32\objfre_wnet_x86\i386\E_DGE321.pdb

Imports

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
wcsstr
_vsnwprintf
strstr
atol
_vsnprintf

kernel32

LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
GetLocaleInfoA
Sleep
InterlockedExchange
GetModuleHandleW
GetVersionExW
HeapAlloc
GetUserDefaultLCID
GetModuleHandleA
GetProcAddress
SetLastError
GetVersionExA
GetProcessHeap
HeapFree

shell32

ShellExecuteA

Exports

Exports

GE_GetURLA
GE_GetURLW
GE_OpenELINK
GE_freeA
GE_freeW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ