14c53ba6ce855d323ac7c599259a5984_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14c53ba6ce855d323ac7c599259a5984_JaffaCakes118
Size

335KB
MD5

14c53ba6ce855d323ac7c599259a5984
SHA1

d2bb3ad8848982a5e4b65a33a75c284da449b1fe
SHA256

050bca30828202e23e206bedae39cb103ac75ecc8aad455fcbe361ae94129074
SHA512

99d2a48137cc3f155d3d441e78cedc65ad574202be0f6c559f9733e67ae9f1fc7998ccebf4beec7548b52ffe4d7d6c5a09dca63ec26bf040f5935163cf85ffd8
SSDEEP

6144:szZ+NTm+5NbUByySfk7Wmwi/sOYD6gPMeXVY:szZ+RmOdUv7W3iUKiMeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c53ba6ce855d323ac7c599259a5984_JaffaCakes118

Files

14c53ba6ce855d323ac7c599259a5984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9a8f874a24ec3e59ebe525b0b39d198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\trehchdpem\wjdxi\xuamp\fsa

Imports

kernel32

LCMapStringA
GetStdHandle
TlsAlloc
HeapDestroy
RtlUnwind
GetTickCount
VirtualAlloc
GetCPInfo
HeapAlloc
lstrcatA
GetCurrentThreadId
FreeEnvironmentStringsW
SetFilePointer
GetLastError
VirtualFree
CompareStringW
lstrcmpi
GetLocalTime
ReadConsoleInputA
LoadLibraryA
DeleteCriticalSection
GetStringTypeA
HeapCreate
CopyFileA
GetProcAddress
ReadFile
TerminateProcess
GetEnvironmentStrings
CompareStringA
OpenMutexA
GetStartupInfoW
GetProfileStringA
SetLastError
LoadModule
GetShortPathNameW
GetCurrentProcess
GetVersion
PulseEvent
FreeEnvironmentStringsA
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
MultiByteToWideChar
GetCommandLineW
EnumDateFormatsExA
GetCurrentThread
ExitProcess
TlsFree
GetEnvironmentStringsW
GetCurrentProcessId
LeaveCriticalSection
VirtualQuery
GetFileTime
HeapReAlloc
GetModuleFileNameA
GetModuleFileNameW
GetFileType
GetPrivateProfileSectionA
SetStdHandle
GetModuleHandleA
GetStringTypeW
UnhandledExceptionFilter
SetHandleCount
GetTimeZoneInformation
ExpandEnvironmentStringsW
InterlockedDecrement
EnterCriticalSection
CreateNamedPipeA
InitializeCriticalSection
InterlockedIncrement
QueryPerformanceCounter
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetStartupInfoA
CreateMutexA
InterlockedExchange
GetCommandLineA
SetEnvironmentVariableA
CloseHandle
GetSystemTime
HeapFree
SetLocaleInfoA
GetVolumeInformationW
LCMapStringW
IsBadWritePtr
GlobalAddAtomW

comctl32

InitCommonControlsEx
CreateStatusWindow
ImageList_LoadImageW
ImageList_AddIcon
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Destroy

user32

ChangeDisplaySettingsExW
ShowWindow
RegisterClassExA
GetClipboardFormatNameA
DefWindowProcA
DestroyWindow
CreateWindowExW
PtInRect
MessageBoxW
RegisterClassA
SwapMouseButton

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9a8f874a24ec3e59ebe525b0b39d198

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 13KB - Virtual size: 41KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 43KB - Virtual size: 43KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 13KB - Virtual size: 41KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 43KB - Virtual size: 43KB