14bdc45c8a797a9c296cefbe7fc0b2c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14bdc45c8a797a9c296cefbe7fc0b2c6_JaffaCakes118
Size

39KB
MD5

14bdc45c8a797a9c296cefbe7fc0b2c6
SHA1

d2c9ed53a12391c85a88ca6692e6e95b7e89d076
SHA256

3c62398d96b90504012d6429ed0bb6af9bc6da165179657f98564481982cd993
SHA512

ecff25c87e0232a3a15f0bf4aa05d3c1214750e0feb09fdf3786533e0f7db820ca018a918ae64f0aa784eae9316b6cb5f51b3343171389b1b9fd5b534de3a650
SSDEEP

768:XdchRadN++DIq2JtiPKQvDtt42VQ2Kx0mXhao:XdciHItmPKUxVQ2KVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14bdc45c8a797a9c296cefbe7fc0b2c6_JaffaCakes118

Files

14bdc45c8a797a9c296cefbe7fc0b2c6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c740c0ca0b62dfb93075d5ab5bfc40d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQueryEx
GetCommandLineA
GlobalAlloc
WideCharToMultiByte
VirtualFreeEx
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
ReleaseSemaphore
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
GetModuleHandleA
lstrcatW
CloseHandle
GetCurrentProcessId
UnregisterWaitEx
lstrcpynA
lstrcpyW
DeleteFileA
lstrcpyA
ReadFile
WriteFile
RtlUnwind
CompareStringA
CreateToolhelp32Snapshot
Process32First
SetFilePointer
lstrcmpA
ResumeThread
CreateFileA

user32

DestroyWindow
GetWindowRect
GetFocus
GetGuiResources
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
wsprintfW
SetWindowLongA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
MessageBoxA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

abcd
efgh
ijkl

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ