14daa0ed4708841e6828f97def0a5177_JaffaCakes118 | Triage

Sharing

General

Target

14daa0ed4708841e6828f97def0a5177_JaffaCakes118
Size

86KB
MD5

14daa0ed4708841e6828f97def0a5177
SHA1

182e71bd80992e64071c348b615ec388dc98d847
SHA256

40d04308447d8d0cdf11799f2898de1749089ff15bc95b6c73cab2eee7f8f984
SHA512

1c49692232151f20c0a2c9ee4c47e278fdeddbe79806187be8ac1b370ff1ba1107bc979f7c9016b372b99f2f90cebb0c51c093c2d174995d60ed1132f3ab4978
SSDEEP

1536:kFFFL35509zjvzMGL+koTDuTu/FJEwY9tQt/3BHkQ7szx64j74:Qh5G3b+koTDe2Ew4tuHkXzxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14daa0ed4708841e6828f97def0a5177_JaffaCakes118

Files

14daa0ed4708841e6828f97def0a5177_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcf25a0d3c66d4713ef8488dd38a2db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
malloc
free
memcpy
srand
rand

kernel32

CreateMutexA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle

user32

SetScrollRange
SendMessageA
GetWindowRect
SetTimer
InvalidateRect
GetScrollRange
MoveWindow
PostMessageA
SetWindowPos
CreateWindowExA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ