14ad8601db408edc62431b65d19f5b1b_JaffaCakes118 | Triage

Sharing

General

Target

14ad8601db408edc62431b65d19f5b1b_JaffaCakes118
Size

74KB
MD5

14ad8601db408edc62431b65d19f5b1b
SHA1

229a01242a91839e406e8070f1c46c2be4e6a510
SHA256

9a9b16a201494a8aeb65b905e6fde1a77f96e62065451f47cf0f8c329f9d29ae
SHA512

ff1c240299c5a062e651ffe6d0b9a70b19c367abfcff8dde277b471d646cc316e55082958f4b036a5edfa96201023c36ba57b82069e30313f508c0fdaef3bb65
SSDEEP

1536:wPFnXjzPChjkpaeSvmy5HbicPbQAfnZ187aLKYJjrtciZk/YE:kXHP+kIHmy5mXg8Gm8iuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ad8601db408edc62431b65d19f5b1b_JaffaCakes118

Files

14ad8601db408edc62431b65d19f5b1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d8d0d8b57d89ee876f4db931879db99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommBreak
GetCommConfig
UnregisterWaitEx
IsBadWritePtr

user32

DrawTextExA
SetSysColorsTemp
CharToOemA
RegisterTasklist
SetWinEventHook

shell32

SHIsFileAvailableOffline
InternalExtractIconListW
CommandLineToArgvW
SHChangeNotifySuspendResume
DragFinish
RealShellExecuteExW
ExtractIconExW
SHLoadNonloadedIconOverlayIdentifiers

gdi32

MirrorRgn
ExtCreatePen
HT_Get8BPPMaskPalette
GetRegionData
GetGraphicsMode
GdiEntry10
SetColorAdjustment
RemoveFontResourceExW
GetLayout
StartPage

Exports

Exports

Prixyyvsd
Jvlbiaqxt
CloseCjxvomhrhe

Sections

.text
Size: 13KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ