14e0f3a16b67e70cc33a3cf8e2365c50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e0f3a16b67e70cc33a3cf8e2365c50_JaffaCakes118
Size

815KB
MD5

14e0f3a16b67e70cc33a3cf8e2365c50
SHA1

53028e7ead2a03aca42f52b72ed5ae9a9b9b26cb
SHA256

dad1c1828d58b19b62f0feb49517834b67e9c85b176650f5d916427f0d913f75
SHA512

336eae44beb3a127a75f319312961a5b864fb14be0accd273cbe08ee918eac00ac4760e2c0429cf4af4b7947df718e4d2c13b2971208d57f779d7985412279fb
SSDEEP

12288:0qGNUo1c5ROtsSh/6m+JQejZ6ew809Wi7+H+qOo8bDJtHB+8GPzl4QSNY42ekvcV:4ce0m+J9FZTA+HZO5JVB0PpSKKd1Ik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e0f3a16b67e70cc33a3cf8e2365c50_JaffaCakes118

Files

14e0f3a16b67e70cc33a3cf8e2365c50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e44a5f78ecd7c1009c8e2d64d8c0162

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetupComm
ExitProcess
CreateFileA
GetModuleHandleA
LocalFree
HeapDestroy
FreeEnvironmentStringsA
MapViewOfFile
CreateMutexA
SetLastError
GlobalUnlock
UnmapViewOfFile
FindAtomA
GetACP
LoadLibraryExW
TlsGetValue
FindClose
HeapCreate
GetLastError
lstrlenA

user32

CopyRect
GetDlgItem
DrawEdge
DefWindowProcW
IsWindow
CheckRadioButton
GetDC
DrawMenuBar
GetFocus
DispatchMessageA
CallWindowProcA
FillRect
GetIconInfo
MessageBoxA

uxtheme

DrawThemeIcon
GetThemeSysInt
DrawThemeText
DrawThemeEdge
GetThemeRect

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ