14b938fd006014594e5b13fdc2b1266d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14b938fd006014594e5b13fdc2b1266d_JaffaCakes118
Size

171KB
MD5

14b938fd006014594e5b13fdc2b1266d
SHA1

19ff0a7ddb5faa37e27aa24d35b493361ee180eb
SHA256

465da4d373185db4e2b2cb9ea08b8ff516bd467ec02e2a69ce3be389ac7b4a55
SHA512

f13973bbdef14ff4a6f89e0c3a9f1aef03e5599ccf340b270d10d2729d509c8fcee49ca70149b532c9a71a1b64feddc0d7b9b2d883ea6c4a2fcbf214b75ad171
SSDEEP

3072:vTszctfY2rS5SldjeSBPYQfKTs4xIRROZJMTKuiSmkbS33sABswUJ/7Q6LGwfPno:7bY2WSlR7agBhRROZnke33xBZW/E6DPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b938fd006014594e5b13fdc2b1266d_JaffaCakes118

Files

14b938fd006014594e5b13fdc2b1266d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb4c98116cb0eb09993bba2ff1897dff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
SetStdHandle
GlobalGetAtomNameW
WriteConsoleA
GetOEMCP
SetFilePointer
GetACP
RtlUnwind
HeapReAlloc
TlsAlloc
IsValidCodePage
EnumResourceTypesW
GetConsoleOutputCP
TlsGetValue
GetCPInfo
SetUserGeoID
GetTimeFormatA
GetDateFormatA
HeapSize
MultiByteToWideChar
VirtualAlloc
TlsSetValue
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetDataFromIDListW
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
DragAcceptFiles
SHGetPathFromIDListA
Shell_NotifyIconA

user32

LoadStringA
DispatchMessageW
GetDesktopWindow
DispatchMessageA
PeekMessageA
MessageBoxA
CharNextA
wsprintfA

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ