14d1f26516e024bb49cef0f2212ee85e_JaffaCakes118

General

Target

14d1f26516e024bb49cef0f2212ee85e_JaffaCakes118
Size

81KB
MD5

14d1f26516e024bb49cef0f2212ee85e
SHA1

3aba4d55916da15305db4e860f308bafb06d9fd6
SHA256

b2a7fccd55b3b99776b8afd461ef4ade6e472b39acf12178081919ee870eaf82
SHA512

fb25b4d1ab86b22084fad9149c477590b5ba68847c50441f3cbb836c35aca809a50d1bea6ed920970d088456f0b3af35cdb5097b5294bd2fda1cd9136ad04d1c
SSDEEP

1536:4LGonohRDMTNEpxwOSrjlcbvcp/uW6lkrB5273B5nG0GjxFNaaQppr:4FobwTN9lQvg/yOg77nA/NGpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d1f26516e024bb49cef0f2212ee85e_JaffaCakes118

Files

14d1f26516e024bb49cef0f2212ee85e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9239baf484f2314286f5d35300ac8038

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetSystemInfo
lstrcpynW
GlobalSize
FindClose
VirtualAlloc
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
LCMapStringW
LCMapStringA
VirtualProtect
GetLocaleInfoA
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetStringTypeA
GetStringTypeW
GetACP
GetSystemTimeAsFileTime

user32

CreateCaret
DrawEdge
GetCursorPos
GetMessageW
LoadMenuW
wsprintfW
SetFocus

comdlg32

PrintDlgW
ChooseFontA
ReplaceTextA
FindTextA
GetSaveFileNameW
GetFileTitleW

ole32

StgOpenAsyncDocfileOnIFillLockBytes

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9239baf484f2314286f5d35300ac8038

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 122KB - Virtual size: 370KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 122KB - Virtual size: 370KB

.rsrc
Size: 4KB - Virtual size: 4KB