Static task: static1
Behavioral task: behavioral1
Sample: 15ce5ee377b55ccdd7df1a2a613411cd_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 15ce5ee377b55ccdd7df1a2a613411cd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 15ce5ee377b55ccdd7df1a2a613411cd_JaffaCakes118
Size: 129KB
MD5: 15ce5ee377b55ccdd7df1a2a613411cd
SHA1: 558fdb1bf03b9d5e7386175a972c55d97e1249af
SHA256: 21676e2a1baed59e24a561f480b5b9abd30a6ac7e666cc5e1be20c7123950c9c
SHA512: eb63c8c7bc74db477ffe35ab9104ca13fc135c18ab04e12a8fddaa1322143ddcc9fd1726d12ae06fc82a170afd2bae492be5c995deb727494b16adcd27c56fae
SSDEEP: 3072:Nnb7pPcJ03s8xNori4AVJXVVhvYZxUW85n6C4i:NbBXxNorwV9YDfY1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 15ce5ee377b55ccdd7df1a2a613411cd_JaffaCakes118
Files
15ce5ee377b55ccdd7df1a2a613411cd_JaffaCakes118.exe windows:5 windows x86 arch:x86
4b1799598fd146ee65a05e1b0e26a41f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleA
InterlockedIncrement
GetCurrentDirectoryA
GetVersionExW
GetCommandLineW
LocalFree
lstrcmpiA
IsBadReadPtr
FreeEnvironmentStringsA
VirtualProtectEx
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetStdHandle
GetProcessHeap
SetHandleCount
FileTimeToLocalFileTime
Sleep
GetSystemDefaultLCID
FormatMessageA
InterlockedCompareExchange
msvcrt
_initterm
_except_handler3
free
__getmainargs
_XcptFilter
__p__commode
_adjust_fdiv
_exit
__set_app_type
__setusermatherr
__p___initenv
calloc
_controlfp
__p__fmode
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ