15dd31acc8a44c0f96f023258d130b3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15dd31acc8a44c0f96f023258d130b3e_JaffaCakes118
Size

39KB
MD5

15dd31acc8a44c0f96f023258d130b3e
SHA1

44d49b082ab47523d28724104aa5fba7e0766dd8
SHA256

e43ddc34d76bd59bbf636948b74c1c64d472612d08f7c29d22e8a467f3543768
SHA512

c9458cf84ee61817b656c1bd947ebb48129e77437106a81fff5cf5402e5eee2688f23619e098bb7fb19012762fb703118a8b71a17cea75cbd6cc57b00aa84c75
SSDEEP

768:9pZz3leoJ7GfjDSL5ed6eQ0yoSp1mbRAaKzXgZ75ms:933h7ujDSL5N7oSpjaAX875ms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15dd31acc8a44c0f96f023258d130b3e_JaffaCakes118

Files

15dd31acc8a44c0f96f023258d130b3e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

765df641c48378e74e17ee94af0e2192

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetDateFormatA
GetExitCodeThread
GetModuleHandleW
GetVersion
HeapAlloc
HeapCreate
IsDebuggerPresent
ResumeThread
SetEndOfFile
lstrcpynA

msvcrt

fprintf
strspn
malloc

user32

CreatePopupMenu
PostMessageA
ScreenToClient
GetCapture
GetSystemMetrics
IntersectRect

oleaut32

SysFreeString
SetErrorInfo
SysReAllocString
RevokeActiveObject
RegisterTypeLi

shlwapi

PathFindOnPathA
PathCombineA
PathBuildRootA
PathGetCharTypeA
SHOpenRegStreamA
SHQueryInfoKeyA
StrRStrIA
StrToIntA
StrChrA

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ