14c777ff457c28067f510d71912f115e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14c777ff457c28067f510d71912f115e_JaffaCakes118
Size

151KB
MD5

14c777ff457c28067f510d71912f115e
SHA1

fe0047ca1601eb45bf42a79913a69b0c7108d2d9
SHA256

ded9627f5c60349c4d42a8e7807d8aa8c431deb03ba7cd23cdd02c1582776d6c
SHA512

a82939944507c4d02c8cb656d3754948a061b17bdb53daf0b10bb02cd934a11236171e7ec856a7013f8487c009334e8132f63eb5d874b07001ba9ac7cb2c73c4
SSDEEP

3072:LzeXYd9pgIRXt/XUD1E76zuluoRAAYlxTMEsQHBlp59s4wqa:Lz+Yd9bRdO1EpLA7lPsQH9sh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c777ff457c28067f510d71912f115e_JaffaCakes118

Files

14c777ff457c28067f510d71912f115e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdf4cfa018a52c3c933eb4fb70575e90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
SHFileOperationA
SHGetFileInfoA

advapi32

RegDeleteKeyA
RegOpenKeyA

gdi32

LineTo
GetPaletteEntries

msvcrt

calloc
memset
clock
wcschr
wcsncmp
rand
memcpy
memmove
sqrt
calloc
sprintf
wcschr
mbstowcs
atol
time
clock

comdlg32

FindTextA
GetSaveFileNameA

kernel32

SetHandleCount
GetFileType
SizeofResource
GetLastError
MoveFileA
GlobalAddAtomA
ExitProcess
GetSystemDefaultLangID
HeapDestroy
GetLocaleInfoA
ExitThread
SetLastError
VirtualAllocEx
LoadLibraryA
DeleteCriticalSection
GlobalDeleteAtom
GlobalAlloc
LocalReAlloc
ExitThread
GlobalFindAtomA
LoadLibraryExA
GetEnvironmentStrings
LoadLibraryA
HeapFree
EnumCalendarInfoA
GlobalDeleteAtom
VirtualAllocEx
GetCommandLineA
WriteFile
GetCurrentThread
LocalAlloc

version

GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
GetFileVersionInfoSizeA

user32

GetSysColorBrush
DefWindowProcA
DrawTextA
CharLowerBuffA
GetIconInfo
GetScrollInfo
SystemParametersInfoA
EndDeferWindowPos
FillRect
GetClassLongA
GetCapture
GetCursorPos
CreateMenu
EqualRect
BeginDeferWindowPos
CheckMenuItem
SetWindowLongA

ole32

CoReleaseMarshalData
OleRegGetUserType
CoGetContextToken
CoCreateGuid
CoTaskMemFree
OleCreateStaticFromData
CoFreeUnusedLibraries
GetHGlobalFromStream
CreateOleAdviseHolder
PropVariantClear

shlwapi

SHQueryInfoKeyA

Sections

DATA
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 115KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bdf4cfa018a52c3c933eb4fb70575e90

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

msvcrt

comdlg32

kernel32

version

user32

ole32

shlwapi

Sections

DATA Size: 29KB - Virtual size: 28KB

.idata Size: 115KB - Virtual size: 194KB

INIT Size: 3KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 892B

.bss Size: 1KB - Virtual size: 1KB

DATA
Size: 29KB - Virtual size: 28KB

.idata
Size: 115KB - Virtual size: 194KB

INIT
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 892B

.bss
Size: 1KB - Virtual size: 1KB