14cdf64a2751141e09966d0a9b998562_JaffaCakes118 | Triage

Sharing

General

Target

14cdf64a2751141e09966d0a9b998562_JaffaCakes118
Size

364KB
MD5

14cdf64a2751141e09966d0a9b998562
SHA1

37b43095e69c78c849adb969a039ed2ade960696
SHA256

6ec4bb5310f29793bb191342c1ad0e5ff3a424a5288af14d59c1cf166f22ea4d
SHA512

dd3de45c1c11e70a85b0fa655287a606966d87e6a3dc16c3f5840f82a1adccf9fe2fb9e83c5831d562702093fa83fca850807f87fdc804e56b4d9be11b57523e
SSDEEP

6144:mBMTvQEYBpy8wLY/5fxpKfS7YURZlO52/DxSVeHSl8dXnll1:+rpSOzOEBE2/DIohpll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cdf64a2751141e09966d0a9b998562_JaffaCakes118

Files

14cdf64a2751141e09966d0a9b998562_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90230ba0f4fb784d36bce65f2d8f3e8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetTickCount
GetConsoleDisplayMode
GetAtomNameA
ResumeThread
GetUserDefaultLangID
HeapReAlloc
GlobalSize
SetLastError
GetVersion
GetModuleHandleA
CompareFileTime
WaitForMultipleObjects
LoadLibraryExA
GetCommandLineA
WaitForSingleObject
lstrlenA
InterlockedExchange
VirtualProtect
GetConsoleCP
GlobalUnlock

user32

BeginPaint
CreateIcon
ReleaseDC
FrameRect
AnyPopup
ShowWindow
GetFocus
FillRect
GetWindow
wsprintfA
DragDetect
GetParent
EndPaint
DrawTextA
GetClassNameA
GetTitleBarInfo
GetDC
GetCursorPos
SetForegroundWindow

rastapi

DeviceListen
PortClose
DeviceDone
AddPorts
DeviceConnect

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ