15c97629e78eee80a3d6ef8eeea680a6_JaffaCakes118 | Triage

Sharing

General

Target

15c97629e78eee80a3d6ef8eeea680a6_JaffaCakes118
Size

213KB
MD5

15c97629e78eee80a3d6ef8eeea680a6
SHA1

c60bc50df49bcfb7135d5e57ac930bf486aeb728
SHA256

ce147bf1f09e93bc863f2a2ccd00172715fb733a46d7feaf2e6e714b7ae9efb5
SHA512

a1f466555585fc8cf54a7c653b25c2577f776c90e18dd9a473b377929a6c7cb74d0ff616055b6c05a3c56bbce837d36801d20b33180c9daf2014da0a78b77f75
SSDEEP

6144:KwyNcKnABDZwmufZ1bJrPPmJeAjEehcI:FdBledJr3mMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c97629e78eee80a3d6ef8eeea680a6_JaffaCakes118

Files

15c97629e78eee80a3d6ef8eeea680a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e473d2d7fd34d63b9f78e38d43e99cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA

user32

GetIconInfo
GetDCEx
GetSysColorBrush
CharLowerA
GetForegroundWindow
GetMenuItemCount
IsCharUpperA
GetMenu
IsZoomed
GetCapture
GetDesktopWindow

kernel32

EnumCalendarInfoA
Sleep
VirtualAllocEx
ExitProcess
EnterCriticalSection
GetFileAttributesA
GetStartupInfoA
lstrcmpA
GetStringTypeA
GetEnvironmentStrings
CreateFileA
MulDiv
MoveFileExA
GetTickCount
CompareStringA
GetThreadLocale
GetCurrentThreadId
IsBadReadPtr
GetLocalTime
GetLocaleInfoA
CreateThread

gdi32

SelectPalette
GetPixel
CreateCompatibleBitmap
CreateBrushIndirect
GetBkMode
SetPixel

shlwapi

PathGetCharTypeA

Exports

Exports

4nRvH7jHE@12
_zBv68sriiUR
VFKnyT1HE3ys@8
_Qa_f4y3epmG9

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ