14c2e6837a6eaac02b985fb13d91a263_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14c2e6837a6eaac02b985fb13d91a263_JaffaCakes118
Size

88KB
MD5

14c2e6837a6eaac02b985fb13d91a263
SHA1

099bb0f88d775eb6509ba05dd0f51afc7fe98090
SHA256

d7a83a0f5a61e7281d27a759314a40aea494e2c521e8d5000cc033a39f4ea345
SHA512

0c4f171ba3c26b1dc40810b2280f0d8191fe0ec422ca65c73a3867ec34da493f9fb79bf821bc2454ebd98d73374cffffc2c783fc73623a53c552a35c5dc9b769
SSDEEP

1536:+yeh22gkpN6ODBpLPhSD61LQ5g2guSxTfx1kXrosZTO:TeLgkJ1oSJx7grosZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c2e6837a6eaac02b985fb13d91a263_JaffaCakes118

Files

14c2e6837a6eaac02b985fb13d91a263_JaffaCakes118
.exe windows:4 windows x86 arch:x86

561bfe74eee712cead86a92f02973eeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetLastError
lstrcpyA
MultiByteToWideChar
SetEvent
CreateThread
CreateEventA
HeapDestroy
DeleteCriticalSection
Sleep
lstrcmpiA
GetCurrentThreadId
GetCommandLineA
lstrlenW
WideCharToMultiByte
lstrlenA
GetShortPathNameA
GetModuleHandleA
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
InitializeCriticalSection
lstrcatA
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
OpenProcess
WriteProcessMemory
LocalFree
InterlockedDecrement
ReadFile
SetFilePointer
GetVersionExA
GetProcAddress
GetTempPathA
GetTempFileNameA
OpenFile
WriteFile
DeleteFileA
IsBadWritePtr
IsBadReadPtr
DeviceIoControl
LoadLibraryA
CreateFileA
GetVersion
SizeofResource
GetModuleFileNameA
FreeLibrary
HeapCreate
CloseHandle
RaiseException
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapSize
TerminateProcess
ExitProcess
GetStartupInfoA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetEnvironmentVariableA

user32

RegisterWindowMessageA
DispatchMessageA
MessageBoxA
CharNextA
SendMessageTimeoutA
PostMessageA
GetMessageA
IsWindow
GetWindowThreadProcessId

advapi32

RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

ole32

CoUninitialize
CoGetClassObject
CLSIDFromProgID
CoInitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantClear
LoadRegTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
SysStringByteLen
SysAllocString
VarUI4FromStr
VariantInit
SysAllocStringLen
SysFreeString
VariantChangeType
VariantCopy
SysAllocStringByteLen

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

561bfe74eee712cead86a92f02973eeb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 8KB - Virtual size: 6KB