14249b13769a63a8ad40d7340cdc451b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14249b13769a63a8ad40d7340cdc451b_JaffaCakes118
Size

193KB
MD5

14249b13769a63a8ad40d7340cdc451b
SHA1

31a6e55d5019d2649c378898579a9673b3e67c89
SHA256

a6d35a43f47deb68ccd9ebf8a31efab0ea144699ba1dc69b8d599ddcf7401312
SHA512

100d6e4dd4472e820f1d165411977ac0ea8569905fe60c92741a1a622e36068e26e06bf11ed5a0df6b43b5664457293b6acc6f1653be1929678de53bc177b65d
SSDEEP

6144:L+P/5dPT3sWzv38eUk3quDze3pCIn3tm7H/IB5cofb:LURdPLsC8eBawe3Vc7fI/co

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14249b13769a63a8ad40d7340cdc451b_JaffaCakes118

Files

14249b13769a63a8ad40d7340cdc451b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e690ff5fe315fe5ac9a68d3d5c5fb814

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetWindowTextA
EnumWindows
IsCharAlphaA
DialogBoxParamA
EnumDisplaySettingsA
GetWindowThreadProcessId
GetThreadDesktop
SetDlgItemTextA
GetScrollInfo

ole32

CoGetCallerTID

comctl32

ord17

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetLocalTime
GetTimeFormatA
SetFileAttributesA
ExitProcess
HeapAlloc
GetUserDefaultLangID
GetTickCount
HeapDestroy
HeapFree
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
GetProcAddress
FreeLibrary
LoadLibraryA
LocalFree
GetSystemDefaultLangID
IsBadWritePtr
IsBadReadPtr
LocalAlloc
GetHandleInformation
GetStartupInfoA
GetDateFormatA

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ