14cb813326ed016cf91e68e1108789ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14cb813326ed016cf91e68e1108789ad_JaffaCakes118
Size

48KB
MD5

14cb813326ed016cf91e68e1108789ad
SHA1

00324652472ae6890fed1bcda4023e2b27c6c46a
SHA256

c947422a6d7034fe644ad2228a71243b56ff184347ebc4fc2908e66f8e5772c1
SHA512

5d21b0a153b1f11dfb8b6d0d1959846c57d21ba55b26499ebbc942317b5295adb7b52ecf3b3f1e47653087f5dd9f7e0851aebc23bf877dc2f2bfe32610d312d2
SSDEEP

768:z/jIC344rlVbNlkp8UQVPgE7sjtxZUCMTlQp+agvmFwWY1zx85:3jfrlVBlSmPd7u8CcQ8agmy85

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cb813326ed016cf91e68e1108789ad_JaffaCakes118

Files

14cb813326ed016cf91e68e1108789ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

989061603d30c3e5eed1d8e67b97207d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

activeds

FreeADsMem

kernel32

MultiByteToWideChar
GetModuleHandleA
GetProcAddress
LoadLibraryW
SetThreadLocale
CloseHandle
LeaveCriticalSection
WaitForSingleObject
SetFilePointer
VirtualAlloc
GetLocaleInfoA
GetProcessHeap
EnumSystemLocalesA
GetThreadLocale
FormatMessageA
GetLastError
VirtualFree
GetSystemInfo
CreateFileA
WideCharToMultiByte
WaitForMultipleObjects
lstrcpyA
GetLocaleInfoW
lstrcpynA
GetEnvironmentStrings
FreeLibrary
InterlockedIncrement
GetCPInfo
GetWindowsDirectoryA
UnmapViewOfFile
LocalAlloc
IsValidCodePage
GetACP
SetCurrentDirectoryW
GetStringTypeW
CreateEventA
SetEvent
RaiseException
GetOEMCP
LoadLibraryA
HeapCreate
IsValidLocale
LocalFree
HeapReAlloc
LCMapStringW
ReleaseMutex
CreateMutexA
EnterCriticalSection
DeleteFileA
FlushFileBuffers
VirtualProtect
SetFileAttributesA
LCMapStringA
SetStdHandle
IsDBCSLeadByte
DeleteCriticalSection
GetStartupInfoA
SetLastError
GetEnvironmentStringsW
GetStringTypeA
VirtualQuery
GetCurrentDirectoryW
OutputDebugStringA
WriteFile
MapViewOfFile
GetUserDefaultLCID
FreeEnvironmentStringsA
GetModuleFileNameA
Beep
HeapDestroy
HeapFree
InterlockedExchange
lstrlenA
InitializeCriticalSection

user32

MessageBoxA

ntdll

RtlUnwind

setupapi

SetupCloseInfFile

urlmon

CopyBindInfo

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eepspzc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

989061603d30c3e5eed1d8e67b97207d

Headers

File Characteristics

Imports

activeds

kernel32

user32

ntdll

setupapi

urlmon

Sections

.textbss Size: - Virtual size: 1.3MB

.idata Size: 45KB - Virtual size: 45KB

.text Size: 512B - Virtual size: 420B

.reloc Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 28KB

eepspzc Size: - Virtual size: 4KB

.textbss
Size: - Virtual size: 1.3MB

.idata
Size: 45KB - Virtual size: 45KB

.text
Size: 512B - Virtual size: 420B

.reloc
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 28KB

eepspzc
Size: - Virtual size: 4KB