14c008eaad304c6c71a56b246d1b37b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14c008eaad304c6c71a56b246d1b37b6_JaffaCakes118
Size

499KB
MD5

14c008eaad304c6c71a56b246d1b37b6
SHA1

941fc4bcc27ca997a1593e292eadc782c8d92575
SHA256

3f5ba6251680caae86782ab8385699b64a26f726ab4b6d825a55b93ba6d68157
SHA512

3cf1940c94477588e0b6ce476b0ce5b770239b25676e2e14e9ab02874a098ead0c33983f65d482ba7b18ac44bb962451171b717d9f84b98bb48cb83952bda09c
SSDEEP

6144:GvMFAgl69J834lpBuEiuYIX/10piQZm0DYxYSMl956KQnbuZL9/zhYSuFqdz:Gk3Xiuy/1MfXnQw9/zhY/6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c008eaad304c6c71a56b246d1b37b6_JaffaCakes118

Files

14c008eaad304c6c71a56b246d1b37b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1099926a2fa38cc8b5fddb67715a3a7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
LocalLock
QueryPerformanceFrequency
SetCommState
GetExitCodeThread
FlushConsoleInputBuffer
FlushFileBuffers
InterlockedCompareExchange
GetStartupInfoA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ