15d53ba3255c75d2ccaca6e0b79e20ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15d53ba3255c75d2ccaca6e0b79e20ce_JaffaCakes118
Size

1.9MB
MD5

15d53ba3255c75d2ccaca6e0b79e20ce
SHA1

898e004bcf3c415005c3c62e24b0a760bf28c3aa
SHA256

e46fc73a645de6dec5a08da40196eae2db141a5f86ba7cdbf484d5ee7bd6d08e
SHA512

dfa96670ecfeb3d50af6dcc649eba104abc8a989daa09944c550c68e2b145f9dab5425bd1623aa29884d2ca21b0d4f99876283343777dbc691600bfffdcb9962
SSDEEP

24576:jlL3P4LxWmuMkaSIf3GcmjXg9eoO3THXJ/lZ3C4natlgS5y/RPUuAQIi+hSnYiS6:jlP6WmAap9agEHXFlZ4OS5/i+h8GN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d53ba3255c75d2ccaca6e0b79e20ce_JaffaCakes118

Files

15d53ba3255c75d2ccaca6e0b79e20ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b9060c47f3ce891cd8e1b6a6f6e15d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
ExitProcess
LoadLibraryA
ReleaseSemaphore
VirtualAlloc

Sections

.text
Size: 491KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 981KB - Virtual size: 981KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ