14c2383f524352876f5f03ac393feb77_JaffaCakes118

General

Target

14c2383f524352876f5f03ac393feb77_JaffaCakes118
Size

205KB
MD5

14c2383f524352876f5f03ac393feb77
SHA1

0d8d3b9a46a9990000854e0e7a4517538bcee054
SHA256

c6e0422ea1d18ff3fcd3c9302f3041f908544d59f97fbc0036367cb610fc77f5
SHA512

d7ee0304be4bb546fac29f33bef793a7b929623571d866d08dec4a74362fb7403565d76c11c1f121e5b53b82f56e5d382e053eee45a738a5f416ee0f579c3d5c
SSDEEP

3072:IWp5jj6QuSYYWGYGQCnswUY8t/V7b2Y58byPpNaZ/YVUTF8RJrClD86FaSuiK+LF:5p5jj69TtGYw/8t/UYeIUYqFQB+aEKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c2383f524352876f5f03ac393feb77_JaffaCakes118

Files

14c2383f524352876f5f03ac393feb77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8447c33ccb571b74da6e4cd8369f8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
InterlockedExchange
TlsAlloc
VirtualProtect
QueryPerformanceCounter
FoldStringW
GetProcAddress
GetSystemTimeAsFileTime
TerminateProcess
GetLocaleInfoW
GetCurrentProcessId
UnhandledExceptionFilter
FreeLibrary
WaitForSingleObject
RaiseException
TerminateProcess
EnumResourceNamesA
GetCurrentThreadId
ReleaseSemaphore
LoadLibraryA
GetCurrentProcess
TlsFree
DeleteFileW
Sleep
GetCommandLineW
GetLastError
FlushFileBuffers
GetModuleHandleW
SetUnhandledExceptionFilter
CreateSemaphoreW
LoadLibraryW
GetTickCount
CloseHandle
TlsGetValue
GetProcessHeap
GetStartupInfoA
InterlockedCompareExchange
LocalAlloc
IsDebuggerPresent
GetModuleFileNameW

user32

UpdateWindow
IsIconic
DestroyWindow
GetWindowPlacement
IsZoomed
RealGetWindowClass
GetParent
MapVirtualKeyW
SetWindowPos
LoadIconW
LoadImageW
GetSystemMetrics
SetWindowPlacement
IsWindow
ShowWindow
SetForegroundWindow

msimg32

AlphaBlend

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8447c33ccb571b74da6e4cd8369f8da

Headers

File Characteristics

Imports

kernel32

user32

msimg32

setupapi

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 352KB