14d9f5536072c318a3508e0942b388c7_JaffaCakes118

General

Target

14d9f5536072c318a3508e0942b388c7_JaffaCakes118
Size

60KB
MD5

14d9f5536072c318a3508e0942b388c7
SHA1

898b7d8a701da78df9e4012a5ddae14643fc4f4c
SHA256

5d53cca78a994685e26708d2973f5314f2e99687242460d36b76b4c97c89969b
SHA512

c61a4de7660f474c09dce2e570c70297154ce761dde661b750d8177dcd9ed47d1d93210967a8c8a03169bd6ffe5ce04580af22e9c96410183b1643c51945bedc
SSDEEP

1536:GaVJmG/hC8u6fqc9TQHv+xkugUMJZTFCOrmDw:G0HfuYku6XiDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d9f5536072c318a3508e0942b388c7_JaffaCakes118

Files

14d9f5536072c318a3508e0942b388c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d987819413b9505eb72e83265d19ce3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileW
SetupSetDirectoryIdW
SetupTermDefaultQueueCallback
SetupInstallFromInfSectionW
SetupCloseInfFile
SetupInitDefaultQueueCallback
SetupDefaultQueueCallbackW

kernel32

SetStdHandle
CloseHandle
PulseEvent
FreeLibrary
GetTickCount
GetLastError
FindClose
SizeofResource
LockResource
LoadResource
InterlockedExchange
GetLocaleInfoA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError
FlushFileBuffers
LCMapStringA
VirtualProtect
GetSystemInfo
GetStringTypeA
GetACP
HeapAlloc
LocalAlloc
GetVersionExA
HeapDestroy
GetOEMCP
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
ExitProcess
SetUnhandledExceptionFilter
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
IsBadReadPtr
IsBadCodePtr

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d987819413b9505eb72e83265d19ce3

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB