14cfddaa4b171a868df6295b27b9a5b1_JaffaCakes118 | Triage

Sharing

General

Target

14cfddaa4b171a868df6295b27b9a5b1_JaffaCakes118
Size

308KB
MD5

14cfddaa4b171a868df6295b27b9a5b1
SHA1

cb373c001f82dbec2c59fe6489ce1f1fdf093562
SHA256

c4d0dd6b814a3b5484b5eda8c631f52960c52e77964e966db62d5224e494ebf9
SHA512

a28abdd44eb690c4eda12d84f260c0db5e298392e283a5b5f8a4c40c82f6a8955aaf5b4efeb6d38f2d466489909b1dcac267578eedb7dcd586693d56a8b69df8
SSDEEP

6144:BsOUk0odp4JFJejFsMnQqQXbEZZV48dqz5UP9rDhk5WDCIO8GPI3Xj:Bslk0odukmqQrA48kY9rhekGP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cfddaa4b171a868df6295b27b9a5b1_JaffaCakes118

Files

14cfddaa4b171a868df6295b27b9a5b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6926fbd08b6ffb29e77b0942e4fb3a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CreateThread
CloseHandle
SetEvent
FindAtomW
GetComputerNameA
ResetEvent
GetTickCount
LocalFree
GetDiskFreeSpaceW
ReleaseMutex
SetLastError
LoadLibraryW
ResumeThread
GetSystemTime
lstrcmpiW
CreateFileA
GetFileAttributesW
HeapCreate
GetModuleHandleA

user32

FillRect
CreateWindowExA
CloseWindow
GetComboBoxInfo
CallWindowProcA
GetKeyState
GetClassInfoA
SetFocus
DispatchMessageA
DrawStateA
GetClipCursor
GetDlgItem
DestroyCaret
MessageBoxA

cryptdlg

DecodeRecipientID
CertTrustFinalPolicy
CertConfigureTrustA
CertTrustInit
CertTrustCertPolicy

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ