Static task: static1
Behavioral task: behavioral1
Sample: 15cd8d1fe84b38fa1b4366a660e60026_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 15cd8d1fe84b38fa1b4366a660e60026_JaffaCakes118
Size: 180KB
MD5: 15cd8d1fe84b38fa1b4366a660e60026
SHA1: 2c63a0312994b01451ae35c43395594c652922d9
SHA256: 897c1e54ecc306249aa5e8939c08c60b8f759ff27c0fd6fe77678c644335b172
SHA512: 0df900afeb8f1a3e81b2f46bc062565ce63a6e1f2c0c8e673eb48e9c0b9b23517119f932fbc99cfc8f11fe3122e32e9f19c392880d8c16f1ff86a74eed7a5c15
SSDEEP: 3072:VKJV58Oqwv/eTUopAf49d9nik4+RH2KwSG8/6ua/DsyxExs1Kl8hqIy5zpbpZxvQ:YlqwvGTU7Sd9fnRS8xa/pwl8hqjp/xv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15cd8d1fe84b38fa1b4366a660e60026_JaffaCakes118
Files
15cd8d1fe84b38fa1b4366a660e60026_JaffaCakes118.exe windows:4 windows x86 arch:x86
2835fd467ca025f488cc1d4250f2bc18
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringA
HeapFree
IsDebuggerPresent
GetStringTypeW
RtlUnwind
WriteFile
GetACP
InterlockedExchange
LCMapStringW
EnumResourceTypesW
GetCPInfo
GetCurrentProcess
GetOEMCP
LZCopy
VirtualAlloc
GetStringTypeA
SetUnhandledExceptionFilter
LoadLibraryA
GetLocaleInfoA
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
msimg32
TransparentBlt
Sections
.text Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ