14f2b1ad91d301bc9b8da984dced5c06_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14f2b1ad91d301bc9b8da984dced5c06_JaffaCakes118
Size

268KB
MD5

14f2b1ad91d301bc9b8da984dced5c06
SHA1

b8afc0abde9e2c45aa8ac863840a8a05b5e236c7
SHA256

144d92a263521e169585b1783d7150b91cb28e81b2b29d59f0e9ad7a86c6a269
SHA512

df59cb86d15f25c1cc904ebbfe28517a8668276147ac7696e6bee318cd4fadc9d7548390a473573fd3221617f10670adce6f549462fa820ce12060ca45356a52
SSDEEP

3072:tTsQ+BGGMjaGl6YpHMBPEDxY9Z/SQoVPttLEBYTDj16WjCtUuW:tTsQ+YGMLmcu9ZSV1tLEBYTnAWjQn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f2b1ad91d301bc9b8da984dced5c06_JaffaCakes118

Files

14f2b1ad91d301bc9b8da984dced5c06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08ef5455eda4346df787f0c99a839487

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
GetProcAddress
WriteFile
RtlUnwind
ReleaseMutex
GetStdHandle
SetHandleCount
GetStringTypeA
FindResourceA
LoadResource
SizeofResource
LockResource
GetTickCount
CreateMutexA
RaiseException
GetLastError
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetFileType
SetThreadPriority
CreateThread
Sleep
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

DialogBoxParamA
GetDlgCtrlID
GetSysColorBrush
ReleaseDC
LoadBitmapA
GetDC
GetClientRect
wsprintfA
LoadIconA
SendMessageA
SetDlgItemTextA
GetDlgItem
EndDialog
PostQuitMessage

gdi32

CreateCompatibleDC
SelectObject
StretchBlt
DeleteObject
DeleteDC
CreateSolidBrush
SetTextColor
SetBkMode
GetObjectA

winmm

waveOutPrepareHeader
waveOutOpen
waveOutClose
waveOutReset
waveOutUnprepareHeader
waveOutGetPosition
waveOutWrite

comctl32

ord17

Sections

.ZWT
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZWT
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZWT
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08ef5455eda4346df787f0c99a839487

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

comctl32

Sections

.ZWT Size: 48KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 44KB

.rsrc Size: 104KB - Virtual size: 104KB

.ZWT Size: 48KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 4KB

.ZWT Size: 8KB - Virtual size: 8KB

.adata Size: 4KB - Virtual size: 4KB

.ZWT
Size: 48KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 104KB - Virtual size: 104KB

.ZWT
Size: 48KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 4KB

.ZWT
Size: 8KB - Virtual size: 8KB

.adata
Size: 4KB - Virtual size: 4KB