014bb17f82fddb08292c0ed6c8d0b660_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

014bb17f82fddb08292c0ed6c8d0b660_JaffaCakes118
Size

213KB
MD5

014bb17f82fddb08292c0ed6c8d0b660
SHA1

c313564e60eea3a8463a43eab421b13da2a07813
SHA256

c5a5ee3f4d1087aeab866149e94125abb77bdb40a8900400f7ff62ee4106b793
SHA512

68bfc783f30c7f8ea135808450c29d7be68104afd6945878d6aaea7c3408168f07e0905c5f45c40f59b301e3ed7533c4bd51b0f86b7f6f2898e0a811af7ecd5b
SSDEEP

6144:KwyNcKnABDZwmufZ1bJrPPmJeAjEehcI:FdBledJr3mMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014bb17f82fddb08292c0ed6c8d0b660_JaffaCakes118

Files

014bb17f82fddb08292c0ed6c8d0b660_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e473d2d7fd34d63b9f78e38d43e99cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA

user32

GetIconInfo
GetDCEx
GetSysColorBrush
CharLowerA
GetForegroundWindow
GetMenuItemCount
IsCharUpperA
GetMenu
IsZoomed
GetCapture
GetDesktopWindow

kernel32

EnumCalendarInfoA
Sleep
VirtualAllocEx
ExitProcess
EnterCriticalSection
GetFileAttributesA
GetStartupInfoA
lstrcmpA
GetStringTypeA
GetEnvironmentStrings
CreateFileA
MulDiv
MoveFileExA
GetTickCount
CompareStringA
GetThreadLocale
GetCurrentThreadId
IsBadReadPtr
GetLocalTime
GetLocaleInfoA
CreateThread

gdi32

SelectPalette
GetPixel
CreateCompatibleBitmap
CreateBrushIndirect
GetBkMode
SetPixel

shlwapi

PathGetCharTypeA

Exports

Exports

4nRvH7jHE@12
_zBv68sriiUR
VFKnyT1HE3ys@8
_Qa_f4y3epmG9

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ