14cd9fd84971534f31dbdaa36be8232c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14cd9fd84971534f31dbdaa36be8232c_JaffaCakes118
Size

117KB
MD5

14cd9fd84971534f31dbdaa36be8232c
SHA1

f733ad2877c8b3c1d521ea1428084246f4e65ef1
SHA256

c531d61e905b5387e499aaabd6303cf1e8adc8576f9da19abe733106ee0c3d4f
SHA512

a555dfecf5a0fad039a84861d4100961f62e34eb9667cb7a5624eeef4834108f3ad7155b274327f88ce307243a838ea973500789f820e74d78b25da6ea0a61c4
SSDEEP

3072:G6SQVlpd9vGqjdAc0lLxzH5NdmBM+Waduxgs8qtXsMcneupAyCt2TfRk:0QVPL530z3TadulRbdupAn2TZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cd9fd84971534f31dbdaa36be8232c_JaffaCakes118

Files

14cd9fd84971534f31dbdaa36be8232c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

02543914694763a48f033faf7e316a63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

olecli32

LeClone
LeExecute
ErrSetUpdateOptions
OleUnlockServer
OleQueryOutOfDate
ObjQuerySize
OleReconnect
OleQueryCreateFromClip
LeShow
OleCreateInvisible
LeDraw
PbLoadFromStream
MfQueryBounds
MfCopy
OleCopyToClipboard

kernel32

CreateDirectoryA
ReleaseSemaphore
DeviceIoControl
ExpandEnvironmentStringsA
OpenProcess
GetFullPathNameW
CopyFileW
LoadLibraryExA
SetThreadPriority
FindNextFileA
VirtualFree
CreateMutexW
GetExitCodeProcess
WriteConsoleW
VirtualAlloc
RemoveDirectoryW
CreateMutexA
GetComputerNameW
FileTimeToLocalFileTime

gdi32

RealizePalette
CreatePalette
CreateFontIndirectA
GetTextMetricsA
BitBlt
CreateDIBitmap
GetDeviceCaps
CreateSolidBrush
SetTextColor
GetTextExtentPointA
SelectPalette
ExtTextOutA
SaveDC
CreateCompatibleDC
CreateRectRgn
GetStockObject
SelectObject
DeleteObject
GetSystemPaletteEntries
RestoreDC
GetObjectA
MoveToEx
SetBkColor
SelectClipRgn
UnrealizeObject
CreatePen

dnsapi

Dns_RecvTcp

oleacc

DllCanUnloadNow
CreateStdAccessibleProxyW
WindowFromAccessibleObject
GetRoleTextW
AccessibleObjectFromWindow
DllUnregisterServer
AccessibleObjectFromPoint
LresultFromObject
IID_IAccessible
ObjectFromLresult
CreateStdAccessibleObject
DllGetClassObject
GetOleaccVersionInfo
GetRoleTextA
LIBID_Accessibility
IID_IAccessibleHandler
AccessibleChildren
GetStateTextA
CreateStdAccessibleProxyA
AccessibleObjectFromEvent
GetStateTextW

advapi32

RegQueryValueExW
RegQueryValueExA
RegCreateKeyExA
OpenThreadToken
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
RegDeleteValueW
RegEnumValueW
RegSetValueExW
FreeSid
RegOpenKeyExW
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteKeyA
InitializeSecurityDescriptor
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueA
AllocateAndInitializeSid
RegCreateKeyExW
CloseServiceHandle

Sections

.textbss
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02543914694763a48f033faf7e316a63

Headers

DLL Characteristics

File Characteristics

Imports

olecli32

kernel32

gdi32

dnsapi

oleacc

advapi32

Sections

.textbss Size: - Virtual size: 104KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 68KB - Virtual size: 67KB

.idata Size: 32KB - Virtual size: 32KB

.debug Size: 6KB - Virtual size: 6KB

.text Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 104KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 68KB - Virtual size: 67KB

.idata
Size: 32KB - Virtual size: 32KB

.debug
Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB