15c151a004df1476e54c662535dfec56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15c151a004df1476e54c662535dfec56_JaffaCakes118
Size

364KB
MD5

15c151a004df1476e54c662535dfec56
SHA1

05012bafeac6e64f5491fdd67d4e2f329b3bb301
SHA256

c3c305878cbc943f880ae849ec0fd79bc96dfbd9c9776ead538b1ed3e41d48f2
SHA512

3ad69f111577507c287f77c6fb79fdd1dcede2926575c3fc9e4f87541e94af55080bd1fe6b7de944868f8b0948000719967df627dabecbef1566ad6bee325692
SSDEEP

6144:JnCyXMFWRPs8OW452Q0H2DjOnJm6Zy/ZPAQ9gBf:hXMFOkbV5f0H2DeJxZaZPJ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c151a004df1476e54c662535dfec56_JaffaCakes118

Files

15c151a004df1476e54c662535dfec56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5f4bb1243836de7c5d73abaf98b94d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
SetLastError
GetACP
CreateMutexA
DeleteAtom
TlsGetValue
FindResourceA
CreateFileA
ReleaseMutex
FindClose
HeapCreate
lstrlen
PulseEvent
GlobalFree
GetModuleHandleA
CloseHandle
LoadLibraryA
IsBadStringPtrW
ExitThread
GlobalUnlock

user32

GetDC
CopyRect
IsWindow
GetIconInfo
DispatchMessageA
DrawMenuBar
CheckRadioButton
GetDlgItem
SetFocus
DrawEdge
DefWindowProcW
CallWindowProcA
FillRect

msasn1

ASN1BEREncBool
ASN1BEREncEoid
ASN1BERDecCheck
ASN1BERDecBool
ASN1BERDecNull

dpnet

DirectPlay8Create

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ