14ab8724ff584cadd5cc439b1036cbfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14ab8724ff584cadd5cc439b1036cbfc_JaffaCakes118
Size

146KB
MD5

14ab8724ff584cadd5cc439b1036cbfc
SHA1

9393cca913eb25f4c2ffeb2ebce77371ccf1e201
SHA256

2192f633c412f022d9a931230276373b782b43aef3c749447e9faf406cdab82c
SHA512

75059c0411daeb0cacfebeb2768bd5976080d10a48817372c526c623f9c5996b17f77080db0509c480f20740a9ae9a915285151b0d8fc70ea119eb2b006eb5df
SSDEEP

3072:t7fL6ADhJ1luf+5Di2/m7V2vVPuYK5gQFF0Zo:RfL6AlEF7V2sYK5rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ab8724ff584cadd5cc439b1036cbfc_JaffaCakes118

Files

14ab8724ff584cadd5cc439b1036cbfc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6af1922a02b6a44b6a0820a60299381b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetEnvironmentStringsW
ExpandEnvironmentStringsA
QueryPerformanceFrequency
UnmapViewOfFile
GetVersion
HeapCreate
InitializeCriticalSection
SetEndOfFile
ReadProcessMemory
DeviceIoControl
GetFileTime
LoadLibraryW
ReadFile
GetExitCodeThread
GetStartupInfoA
HeapFree
SetThreadAffinityMask
Sleep
CloseHandle
WriteConsoleA
CreateFileA
MultiByteToWideChar
GetModuleHandleA
LCMapStringA

msvcrt

__setusermatherr
memcpy
_get_heap_handle
__set_app_type
_getdrives
iswascii
_purecall
_wenviron
_adjust_fdiv
_i64tow
_outpw
_XcptFilter
_initterm
_except_handler3
_exit
_wfreopen
_scalb
_scwprintf
fclose
exit
_rmdir
isupper
_controlfp
_mbsnset
__getmainargs
memset
__p__fmode
_acmdln
_wperror
log
__p__commode
_ctime64
_close
bsearch
_fsopen
sscanf
_makepath
_wrename

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ