15451b4a946e3b3c21bbc440e13783c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15451b4a946e3b3c21bbc440e13783c5_JaffaCakes118
Size

4.9MB
MD5

15451b4a946e3b3c21bbc440e13783c5
SHA1

2df3902743a381d68b779057864265fc116bf1fc
SHA256

afd722ec27f0b90ce239c6cf2921fc2c7782df0a926fc5df3ca4e0add86bbf85
SHA512

f1cfa9fa4f8b458a3c7da9fad0de7e2585d14237ab6e1f543fbe85f2a7df95ad37ee011c40b253c2ff46da85ec2662dd3b290d572239edc23d6e29c4421a94da
SSDEEP

98304:jdFynApnTTkfSNkjFlu6QnionBKqjSDvg0iDjIGtTfknYFgu5imDrUgQ+Vz:jdFyApTHQy6QnioBD2c0gMGJfECiKUdY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15451b4a946e3b3c21bbc440e13783c5_JaffaCakes118

Files

15451b4a946e3b3c21bbc440e13783c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98dbd91657a2243bd4e32ab36e4a86ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GlobalUnlock
lstrcmpW
CreateProcessA
TlsAlloc
GetACP
GetModuleHandleW
OpenEventA
WriteFile
WriteProcessMemory
GetCurrentThreadId
Sleep
IsBadReadPtr
GetDriveTypeW
CreateThread
GetStdHandle
ExitProcess
GetLastError
SetStdHandle
GetExitCodeThread
WaitForSingleObject
CreateFileA
OpenMutexW
GetConsoleMode
TlsGetValue
GetFileType
CreateFileMappingW
FileTimeToSystemTime
GetSystemTimeAsFileTime
lstrcatA
lstrlenW
GetThreadLocale
GetVersion
GetComputerNameW
GetCommandLineW
InterlockedDecrement
SetThreadPriority
SetHandleCount
VirtualProtect
VirtualAlloc
FindResourceW
LoadResource
CloseHandle
GetOEMCP
GetCurrentProcessId

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 1024B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 455B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ