14f54c25ab8b20336e03adf211526640_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14f54c25ab8b20336e03adf211526640_JaffaCakes118
Size

82KB
MD5

14f54c25ab8b20336e03adf211526640
SHA1

0ef7dc1b4f19263ad664764c092a03ac93cac8a1
SHA256

d51e2abc90579d4d32c17b26baf8e687af4cd5a6b709df5271b6ed085d59bc13
SHA512

9bab64fb3ced31a5cf90ca5833b20bc1bed12000dd25eb7f4b59a89573b1d4d45f060f3f8aaaec9b827415bffc616482bd67266b2677734773896044ae23b19b
SSDEEP

1536:8KPa8MZ+1quO9HtpF4QAhAky6b0oXw62dcWE6m1/+eadR7:8EMZr7fFNQhydoxjMeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f54c25ab8b20336e03adf211526640_JaffaCakes118

Files

14f54c25ab8b20336e03adf211526640_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f579333b763d44343f6d05ce1bd8622c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseCleanupAppcompatCacheSupport
GetLastError
GetTickCount
GetCurrentThreadId
LoadLibraryA
GlobalMemoryStatusEx
CreateNamedPipeA
VirtualAlloc
GetModuleHandleW
GetExitCodeThread
GetSystemDirectoryA
GlobalMemoryStatus
QueryPerformanceCounter
GetProcessHeaps
GetLargestConsoleWindowSize
GetProcessVersion
GetSystemTimeAsFileTime
GetCurrentProcessId
BackupWrite
GetConsoleInputExeNameW
AssignProcessToJobObject
OpenFile

serialui

drvSetDefaultCommConfigW
drvGetDefaultCommConfigA
drvSetDefaultCommConfigA
drvCommConfigDialogA
drvCommConfigDialogW
drvGetDefaultCommConfigW

msvcrt

_ecvt
towlower
_wexeclpe
___lc_codepage_func
_unlink
_pctype
_mbsicmp
isleadbyte
exp
__RTtypeid
_swab

mfcsubs

?GetBufferSetLength@CString@@QAEPAGH@Z
??O@YG_NABVCString@@PBG@Z
?AllocBuffer@CString@@IAEXH@Z
?ReverseFind@CString@@QBEHG@Z
?LockBuffer@CString@@QAEPAGXZ
??8@YG_NABVCString@@0@Z
?ElementAt@CStringArray@@QAEAAVCString@@H@Z
?SpanExcluding@CString@@QBE?AV1@PBG@Z
??YCString@@QAEABV0@ABV0@@Z
??YCString@@QAEABV0@PBG@Z
?Copy@CStringArray@@QAEXABV1@@Z
?Format@CString@@QAAXPBGZZ
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
??H@YG?AVCString@@DABV0@@Z
?Create@CPlex@@SGPAU1@AAPAU1@II@Z

user32

EndDialog

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f579333b763d44343f6d05ce1bd8622c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

serialui

msvcrt

mfcsubs

user32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 19KB - Virtual size: 38KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 276B

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 19KB - Virtual size: 38KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 276B