15b96a2ad8970925d9e3f9e4d1b28b28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15b96a2ad8970925d9e3f9e4d1b28b28_JaffaCakes118
Size

1.0MB
MD5

15b96a2ad8970925d9e3f9e4d1b28b28
SHA1

3d587c1bc02c182bdb8326723733d5a476c18a3f
SHA256

6886cb74a5dd54bd537fb39d0a6b1a9c197d77f0c2c679e67283a802727a0c55
SHA512

2dad9ebae720bb85f6dd54f476dd7f1abd0f1b9bbac1237c7066a784b4007ec54bcfdc85ecd5412a471c6f178429cdc98c17fc2a8343ed948c8b4d423a2bd7a3
SSDEEP

24576:s5y2l6368LTDGdT/qy4jKApad++OUqnWXRYL8/MEUn/tN+kNY:cOGdMjKApFncXKL8/MEa/t4ky

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/install.exe

Files

15b96a2ad8970925d9e3f9e4d1b28b28_JaffaCakes118
.zip
gdbmdll.dll
install.exe
.exe windows:5 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

Sections

dcgmumwo
Size: 257KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rbsxloti
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bkmdkepk
Size: 754KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pxxfswfo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
release_notes.nfo