14c734f6f910a1d0088f8beb7507fad6_JaffaCakes118 | Triage

Sharing

General

Target

14c734f6f910a1d0088f8beb7507fad6_JaffaCakes118
Size

244KB
MD5

14c734f6f910a1d0088f8beb7507fad6
SHA1

cd728d6fe3c8a4d62277f510d021e53d2ded332f
SHA256

d94f5c2c4494ca434432c9be452ee6f3466b54b6622be3f86654fba0dc9a299c
SHA512

1d69d40f7f06ae954de3ea0a594fc0a6aabee7c5214e39dda439488ac4d8900faceb85f70d58da8b09d869b00fb013f33882a69d45a539012e194cfa53749021
SSDEEP

6144:RyY6T2haY9ldryYnt8ovWgWlrnna4DUymHah2CrxHKz9J:RyvnYrLtsx3DUyAU2VJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c734f6f910a1d0088f8beb7507fad6_JaffaCakes118

Files

14c734f6f910a1d0088f8beb7507fad6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11cad965f4cd5c63cba572fa56413c06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
CreateNamedPipeA
lstrlenA
GetProcessIoCounters
ProcessIdToSessionId
FormatMessageA
SetErrorMode

user32

DrawIconEx
DdeCreateStringHandleW
LoadAcceleratorsW
LoadMenuIndirectA
DdeUnaccessData
DdeFreeDataHandle
UnhookWindowsHookEx
SetWindowLongA
RegisterShellHookWindow
GetMessageA
LockWindowUpdate
IsDlgButtonChecked
IsMenu
CallMsgFilterW
EndDialog
LoadKeyboardLayoutA

gdi32

SetBitmapDimensionEx
GetPolyFillMode
GetTextExtentPoint32W
StrokeAndFillPath
ExtSelectClipRgn

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE