Static task
static1
Behavioral task
behavioral1
Sample
14935b473dc73db0d198581c1890a39a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
14935b473dc73db0d198581c1890a39a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
14935b473dc73db0d198581c1890a39a_JaffaCakes118
Size
79KB
MD5
14935b473dc73db0d198581c1890a39a
SHA1
4ec91b2591b387bda93e36c358fe782f0f467f03
SHA256
a48651c53db55d740c3f92ee58a1b3631b9c20a1a0b881f6b807eef3e4a0ebf6
SHA512
2479038ae37e9c8bea2193217483c1d1279b13104c27c37ac11fb2186be7e607947f1b09afc6f7f22dbc31c006d339eaf5946a4c75c7a3db51af6c870f3d57a8
SSDEEP
1536:pHIW+nLzslUTVtuqEDQedkarF5nfOHPG7SGcx:iTLzaqOQyrrmHPGhy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14935b473dc73db0d198581c1890a39a_JaffaCakes118
Files
14935b473dc73db0d198581c1890a39a_JaffaCakes118.exe windows:5 windows x86 arch:x86
d2692211b19f9993573323a0101256ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetClassLongA
EnumDesktopWindows
SetWindowRgn
IsCharUpperW
ValidateRect
SetWindowTextA
GetThreadDesktop
IsCharAlphaNumericA
GetActiveWindow
ole32
OleSetClipboard
CoRevokeClassObject
IIDFromString
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
FindResourceExW
LoadResource
GlobalHandle
LocalAlloc
SetFileAttributesA
HeapFree
HeapCreate
GetThreadContext
LoadLibraryA
GetProcAddress
HeapDestroy
GetStartupInfoA
LocalFree
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ