14e15ce59df2bdbfbe87a55e77835bc9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e15ce59df2bdbfbe87a55e77835bc9_JaffaCakes118
Size

42KB
MD5

14e15ce59df2bdbfbe87a55e77835bc9
SHA1

9e2e5ee46b8145927c7d9839fdce5a492c9ed0a8
SHA256

70922121c0f3ff1e1f253a88c95fc4e487233fb59d801af06f8d3a8f0aa8eea5
SHA512

32261a909bc7ae51b7170f08a199dce2d05b44db793b1bfaf35f95f3518fe1fe6dd6ceeab5f205c0b60025e9f6fba903bdd49f335bc68e6cd5901cffd1176403
SSDEEP

768:36Esy4oMuVJ9UFAp5v32pk9M7dZOJZBCN2T328Ro9H/auPl6eQPF0WABC:psH8OFA7K7dya2G4o9RP6PFbJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e15ce59df2bdbfbe87a55e77835bc9_JaffaCakes118

Files

14e15ce59df2bdbfbe87a55e77835bc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a927e40423a382e7f99ea1a698a89863

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
CreateThread
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedExchange
GetCurrentProcess
GetTickCount
GetProcAddress

user32

GetMessageA
CreateWindowExA
RegisterClassExA
TranslateMessage
DispatchMessageA
DestroyWindow
DefWindowProcA
GetCursor
GetActiveWindow
FindWindowA

gdi32

GetBkColor
SetBitmapBits
GetObjectType
ResizePalette
CreateSolidBrush
SetGraphicsMode

Exports

Exports

?AJifoijfsc@@YAHHPADHH@Z
?AJifoijfsh@@YAHHPADHH@Z
?AJifoijfsi@@YAHHPADHH@Z
?AJifoijfsm@@YAHHPADHH@Z
?AJifoijfso@@YAHHPADHH@Z

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ