14466a2b6c48f478b2e3c127a4d1ad73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14466a2b6c48f478b2e3c127a4d1ad73_JaffaCakes118
Size

380KB
MD5

14466a2b6c48f478b2e3c127a4d1ad73
SHA1

cc08b8dd7979c5236a0f12893f0c9c776dcc6c5a
SHA256

84ffe8ef19ed4095220c463ef0f57abfb114a2b502a5f0a1d7eaf004ea374995
SHA512

4e164aff0dcf70de2a237c478c4493b604efceb5f7ed46d9079300b8613ea64edd3e280f19f8ddefd3af83213ee584566ce599a23a37efdc9b52c2f58a962ff2
SSDEEP

6144:2zPihHwzNUfIUnGzzRV5Fwzf4k+L+sPpQK9d6lPsAoaGs8mwgf5HhNH:2zKGBUrnGz1V5FK2LQK9ViGs8m/N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14466a2b6c48f478b2e3c127a4d1ad73_JaffaCakes118

Files

14466a2b6c48f478b2e3c127a4d1ad73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd2b28581dde3226a9c57c5d8dba2669

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
GetProcAddress
VirtualFree
OpenMutexA
GetLocalTime
CloseHandle
SetFilePointer
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLastError
ReadFile
FlushFileBuffers
SetStdHandle

user32

EnableWindow

winmm

waveInClose

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 336KB - Virtual size: 717KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ