14141eebb1333046bba958c7aaa8e984_JaffaCakes118

General

Target

14141eebb1333046bba958c7aaa8e984_JaffaCakes118
Size

167KB
MD5

14141eebb1333046bba958c7aaa8e984
SHA1

29bdaa3949c5383ec485d48219fc6b0629479237
SHA256

a37941fa5dd4b41fc323cd3253461f69b603fd980363e6e728375da97f927348
SHA512

532fb40ecdfe45303a7aedafecd3df4c3a2db282ff615183beffb54cbd368cfc32107bcfec94bebeb3ae75138dc52ff6450e818da8f64e3827084997fb8fe5d5
SSDEEP

1536:k2WxpDHgOnG5udNzQgfIW8BZMh+VcfxLD:LWxpDbG5AZf9Qefxf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14141eebb1333046bba958c7aaa8e984_JaffaCakes118

Files

14141eebb1333046bba958c7aaa8e984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d771d3fd8abe9b5b3d47fb0d3fc2f723

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FreeLibrary
GetCommandLineA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTempPathA
GlobalAlloc
DeleteFileA
GlobalLock
GlobalUnlock
LoadLibraryA
MoveFileA
ReadFile
SetFilePointer
Sleep
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateThread
CreateMutexA
CreateFileA
CreateDirectoryA
GlobalFree
CloseHandle

user32

EnableWindow
FindWindowA
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
LoadBitmapA
LoadCursorA
LoadIconA
MessageBoxA
MsgWaitForMultipleObjects
PostQuitMessage
RegisterClassExA
SendMessageA
SetFocus
ShowWindow
TranslateMessage
UpdateWindow
DefWindowProcA
CreateWindowExA
CharUpperBuffA
CharLowerA
wsprintfA
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d771d3fd8abe9b5b3d47fb0d3fc2f723

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 35KB

.rsrc Size: 129KB - Virtual size: 129KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 35KB

.rsrc
Size: 129KB - Virtual size: 129KB