15c7e426064f81f9d23fd08ab12f94a0_JaffaCakes118 | Triage

Sharing

General

Target

15c7e426064f81f9d23fd08ab12f94a0_JaffaCakes118
Size

27KB
MD5

15c7e426064f81f9d23fd08ab12f94a0
SHA1

399a63abfda93691dff36028d3bad2d64801a6b4
SHA256

dc32bc832481e71f2d39ca20956a62134cd04bfbf31f6964dbbfcdfc63c3d3ef
SHA512

6a1d71dc8d56d72b8c5f6db3523acf96cd2a85bb2835a6150bac55b47eb8380e612f49fdd6ab134b2b4f73e6a45203a0d8fa06da848cf77d730c66fccf8baa53
SSDEEP

384:ycdOhVf9J9NST78m3B+SCRjufwB8/HjFTjSAD:ycErbun81SCVuJ/DD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c7e426064f81f9d23fd08ab12f94a0_JaffaCakes118

Files

15c7e426064f81f9d23fd08ab12f94a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

744b0f4715420f3c98b04fa9c853621c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
FindResourceW
GetComputerNameA
LoadLibraryExW
lstrcpyA
CloseHandle
lstrlenA
CreateProcessA
GetModuleHandleA
SetLastError
PulseEvent
FindClose
GetCurrentThreadId
GetCurrentDirectoryA
CreateFileW
HeapCreate
Sleep
LocalFree
GetCommandLineA
UnmapViewOfFile

user32

GetCaretPos
DispatchMessageA
DrawMenuBar
CallWindowProcA
GetDlgItem
CreateWindowExA
CreateIcon
GetDC
IsWindow
CheckRadioButton
SetFocus
FillRect
DrawEdge

rsaenh

CPSignHash
CPGenKey
CPDecrypt
CPDeriveKey
CPHashData

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yggauxc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE