14edcd1438ce772e439ed8561a7e331e_JaffaCakes118

General

Target

14edcd1438ce772e439ed8561a7e331e_JaffaCakes118
Size

48KB
MD5

14edcd1438ce772e439ed8561a7e331e
SHA1

f57192da6cd8e289a2f883411ca28f421a56a1b9
SHA256

cee6e4529b1406364b9969204c0cdecc8423967c7ece5dfc4123a89c37cba299
SHA512

e36feed3e74e4706a02f347b18cf51dc232845ba5e654862e7f30e889f10716996da9574f53026abfb3e150ad6342ef1998fa600a6fb80d1d9d9d3616bcd49a9
SSDEEP

768:1yOltjQs/S+lCTeY1Oem4RMVRDDWDzNP8EimrKbT:bQs/S+lCTR1oVR/i5PMkKb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14edcd1438ce772e439ed8561a7e331e_JaffaCakes118

Files

14edcd1438ce772e439ed8561a7e331e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bd3637ee6145bea4a8ea47fb3754eff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FreeLibrary
lstrcmpiA
CopyFileA
GetFileAttributesA
lstrcatA
GetSystemDirectoryA
GetLocalTime
CreateProcessA
lstrlenA
lstrcpynA
CloseHandle
CreateMutexA
GetModuleHandleA
GetLastError
DeleteFileA
LoadLibraryA
SystemTimeToFileTime
Sleep
GetFullPathNameA
GetModuleFileNameA
TlsGetValue
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
WideCharToMultiByte
GetTimeZoneInformation
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
VirtualAlloc
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

SystemParametersInfoA
SetWindowsHookExA
UnhookWindowsHookEx

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

lockscr

SetMouseHook
SetKeyboardHook

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1bd3637ee6145bea4a8ea47fb3754eff

Headers

File Characteristics

Imports

kernel32

user32

advapi32

lockscr

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB