14c77799ce939ca137dd734f9caa9dc2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14c77799ce939ca137dd734f9caa9dc2_JaffaCakes118
Size

581KB
MD5

14c77799ce939ca137dd734f9caa9dc2
SHA1

7949a81a7039efcce2aa2c72010b2454d4877857
SHA256

0a6fd3e7c29c68930ed07d5f459f4d842449d6435be89313b0535d0d4f41c9d0
SHA512

36ddf5ede279446a8aa463724c95d3308fb61616f9fa497af51cfa1221d38b99b4790b5d9d65f0dd67e0601b88e134ba6859313f35ffced7c49b014bd0400331
SSDEEP

12288:2n3BH60KRHUNtNg0HaGkQ6jfYCcZ5Xdtnh1XL+:iRHrbN00v6UZ5t1XL+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c77799ce939ca137dd734f9caa9dc2_JaffaCakes118

Files

14c77799ce939ca137dd734f9caa9dc2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

24b96a6766a5d9345fdcaa3fa7698cda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_APPCONTAINER

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetLocaleInfoA
GetFileType
GetFullPathNameA
GetCurrentProcess
OpenMutexA
InterlockedDecrement
ResetEvent
GetModuleHandleA
DeviceIoControl
SetStdHandle
InterlockedExchange
GetCurrentDirectoryW
GetShortPathNameA
lstrcmpiA
FormatMessageW
GetProcAddress
CreateSemaphoreA
GetComputerNameW
CloseHandle
lstrcmpiA
GetAtomNameW
GetVersionExA
GetDiskFreeSpaceA
GetLocalTime
GetTickCount
CopyFileA
DeleteFileA
GetStringTypeA
CompareStringW
GetLastError

authz

AuthzFreeResourceManager
AuthzFreeAuditEvent
AuthzInitializeContextFromSid

user32

IsDialogMessageA
GetWindowLongA
IsZoomed
GetMessageW
DialogBoxParamA
GetCaretPos
LoadCursorA
SetCursorPos
PostMessageA
DispatchMessageA
IsCharLowerW
wsprintfA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 544KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ