14d16b9bdf69370e3214b6ba58f17ef8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14d16b9bdf69370e3214b6ba58f17ef8_JaffaCakes118
Size

158KB
MD5

14d16b9bdf69370e3214b6ba58f17ef8
SHA1

d89a67db871757ac6151a0e2b0faf369d4616efa
SHA256

9708537c40c10cf122ee4eb3fbd780c349bff3775ac1628503b7a810f7edc5b9
SHA512

fcc6941bc3978a9f35a12b9547522f2705e49f53456e2706f86e4912146917f7c64d827804d50297ac7606e5a92d093d4b426dccc3098517857d44edbf34b82c
SSDEEP

3072:dUV0+ayPdUPuDkkuR+jp3uAjcjDy5RPCS+1q5JvqjGvr3u:WVvhPmPuDpuR+jkAIjuq4vqjir3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d16b9bdf69370e3214b6ba58f17ef8_JaffaCakes118

Files

14d16b9bdf69370e3214b6ba58f17ef8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e23f15c9403413699f5c1a9c2dc7af0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetACP
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetUserDefaultLCID
GlobalLock
HeapAlloc
HeapCreate
IsBadReadPtr
MulDiv
SearchPathA
SetPriorityClass
SetThreadAffinityMask
SetUnhandledExceptionFilter
lstrcatA

msvcrt

_stricmp
time

user32

AppendMenuA
DefDlgProcA
ExitWindowsEx

oleaut32

OleIconToCursor
VarBstrCmp
SysFreeString
SetErrorInfo
SafeArrayAllocDescriptor
SafeArrayAllocData
RegisterTypeLi
ClearCustData

shlwapi

SHDeleteEmptyKeyA
SHEnumKeyExA
SHOpenRegStreamA
StrRStrIA
StrStrIA
PathCombineA

Exports

Exports

FlushD3DDevices
W32N_CloseAdapter

Sections

.text
Size: 75KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ