14cd03dde313ebff08ef3ec82ff843b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14cd03dde313ebff08ef3ec82ff843b7_JaffaCakes118
Size

392KB
MD5

14cd03dde313ebff08ef3ec82ff843b7
SHA1

02b6682181f7b17e1c770179df5467089994844b
SHA256

b38d3ad05d686b91b7f72c8da5a984265b3c245322e015afcf4281eaa2d0d01b
SHA512

066a4badf99dd703e360417c2933f2efa5c26385e851bebdea75b0cd9da7ed9c02034dfde46f95cb40a4b72c988ce0c6cfa6e73dfa6a459482996750c8cb7b11
SSDEEP

6144:6ctjjehO5+VLfPYloa3CO9UB5p6QjwvkVaC5o9xxwCJiIoappvCH8:lXehO5sDPJ6CZvjeAK9xKCJifp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cd03dde313ebff08ef3ec82ff843b7_JaffaCakes118

Files

14cd03dde313ebff08ef3ec82ff843b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7797e9c5cc4acc8ec9a4e6b3dfcb5c70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
Sleep
CloseHandle
LocalUnlock
LoadLibraryA
CreateThread
GetModuleHandleA
GetComputerNameA
SetEvent
GetCommandLineW
GetCurrentDirectoryA
LocalFree
GetSystemTime
lstrlenA
SetLastError
CreateFileA
CreateThread
UnmapViewOfFile
HeapCreate
PulseEvent

user32

SetFocus
GetKeyState
IsWindow
GetDlgItem
GetScrollBarInfo
DrawMenuBar
GetDC
CreateWindowExA
FillRect
CheckRadioButton
DrawEdge
CallWindowProcA
DispatchMessageA

clbcatq

SetSetupSave
DowngradeAPL
SetupOpen
UpdateFromAppChange
CheckMemoryGates

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ