15a1690e508f34d27ddac9ace5dea824_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15a1690e508f34d27ddac9ace5dea824_JaffaCakes118
Size

384KB
MD5

15a1690e508f34d27ddac9ace5dea824
SHA1

24924986cb057eaffc0d4f8a19e80cacf6b10c01
SHA256

d279759fb27c158894475eae508e8494179b5e97879a6d0551373f0f74c67b9f
SHA512

629812096d8b18fbf4b55a4ce7689f1b84662aa50bbedddaad1afe58a3088ee901ce4631c92f215d549686929f50e9390cf5a930607e5bc2039fbee64cd090d9
SSDEEP

6144:CXSgz9XlQXigyklXSgzo530aAJOwpbaqcsb5sTmC1jr:CXSgz9XlQnyklXSgzo53bgOgT1sPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a1690e508f34d27ddac9ace5dea824_JaffaCakes118

Files

15a1690e508f34d27ddac9ace5dea824_JaffaCakes118
.exe windows:4 windows x86 arch:x86

486a90821d56d306ad957f9164684fe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardLayout
GetDoubleClickTime

shell32

StrStrA
StrChrIA
ShellExecuteA
SHGetSpecialFolderPathA

kernel32

CreateFileA
lstrlenA
lstrcpyA
lstrcatA
WriteFile
Sleep
SizeofResource
RtlZeroMemory
LockResource
LoadResource
GetVersion
GetTickCount
GetModuleHandleA
GetCurrentDirectoryA
FindResourceA
CloseHandle
CopyFileA
ExitProcess

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE