14ed659bd05aeff2eeefbdc868153a23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14ed659bd05aeff2eeefbdc868153a23_JaffaCakes118
Size

353KB
MD5

14ed659bd05aeff2eeefbdc868153a23
SHA1

66e7d3172cd7c59c3ccb4929f32ccc1d6cb3ec38
SHA256

0409c5972e748e46a371183ec28d8390c79494a53b8b138be0dab6d92f5485e3
SHA512

7bfe46478f5ed71b9a8f546a4cbe55e77a1d52709800a99505721f0b471f0f1a724d12ff6d7ff960fa99c515848b236e37c4d269b2a97be4f9561af7a4a1784d
SSDEEP

6144:XHpwRw967lFno4RUsP9U7IjsJ+URV3WTbPzKTXKJvngp1iRw6oSYGfwPj07:MwiFHUNIjgjRV3gPzO6Jo1g5BYGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ed659bd05aeff2eeefbdc868153a23_JaffaCakes118

Files

14ed659bd05aeff2eeefbdc868153a23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31da9913b579477f2a01abc7b830faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree

oleaut32

SafeArrayDestroyDescriptor
GetErrorInfo
VarFormatNumber
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 228KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE