14759def40e53905405bcc4a49345ea8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14759def40e53905405bcc4a49345ea8_JaffaCakes118
Size

297KB
MD5

14759def40e53905405bcc4a49345ea8
SHA1

0369282630014d356d3c7454cd48b60bf810376b
SHA256

1a473d9ee80380184941f8eeb69516af4ae8e03d54296291a1122b5b9229ff7e
SHA512

7917b38f6e52829abf9fe2c046bfdc8df9e9cd1bee1595e15a188f6ccaf43aab5f1b932ff0cc2525d34becab914004c06b68631d06e6dc1166c65f8d01c02cbc
SSDEEP

6144:E0LEpuiDWH5GyJjfs8p+qUn3buzLq05WsJA:ENpuiDQ5GgDp+J3eq05xA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14759def40e53905405bcc4a49345ea8_JaffaCakes118

Files

14759def40e53905405bcc4a49345ea8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

581741c8d55033657f262885523b7af6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuA
GetWindowTextA
DrawTextA
DrawTextW

kernel32

CreateDirectoryA
lstrlenA
ReadFile
DeleteFileW
ExitThread
CopyFileExA
GetCommandLineA
FreeResource
CompareStringA
OpenFileMappingA
GetFileTime
lstrcatA
HeapAlloc
HeapFree
lstrcmpA
GetCPInfo
GetPriorityClass
CopyFileA
FlushFileBuffers
DeleteFileA
OpenFile
GetStdHandle
FindClose

advapi32

RegCreateKeyA
RegLoadKeyW
RegCreateKeyExW
RegEnumValueA
RegQueryValueW

Sections

.acgba
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.8dg41
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9ehg
Size: 238KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.f069b
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ