14d18c1e93058360656178d81f649366_JaffaCakes118

General

Target

14d18c1e93058360656178d81f649366_JaffaCakes118
Size

128KB
MD5

14d18c1e93058360656178d81f649366
SHA1

e2a8d9e4212d639c7b5e91ec988ea1cf47088fb1
SHA256

ea2f48e724c103819e78b07a8f215e9aace08c65173900159e0c43193b9edd1c
SHA512

1d844c0f6feca7b07be150726afa6b12516565b3b44a82e4611200e0972b2935bb9f3f6a867839434736b955fc96b21dcabacfc6d6529f9d71498887ed73fc58
SSDEEP

3072:Ys7JOHK9stHe/Cvt/5qW9axjQMIdfS8a:Sq9cYbxLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d18c1e93058360656178d81f649366_JaffaCakes118

Files

14d18c1e93058360656178d81f649366_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
DeleteFileA
GetProcessHeap
GetLocaleInfoA
lstrcatA
SetThreadLocale
GetLastError
GetFileSize
RaiseException
LocalReAlloc
ExitProcess
GetLocalTime
GetFileAttributesA
SetEndOfFile
MoveFileExA
GetFileType
HeapFree
SetLastError
GetThreadLocale
EnterCriticalSection
GetCPInfo
ExitThread
GetDiskFreeSpaceA
GetModuleHandleA
GetStringTypeA
CompareStringA
MulDiv
VirtualFree
GetACP
GetEnvironmentStrings
VirtualAllocEx
WideCharToMultiByte
lstrcpyA
FormatMessageA
LoadLibraryExA
CreateFileA
GetModuleFileNameA
GetFullPathNameA
SetErrorMode
LoadResource
CreateEventA
FreeResource
lstrcmpiA
LocalAlloc
CloseHandle
Sleep
lstrcmpA
GetProcAddress
GetOEMCP
SetHandleCount
ResetEvent
VirtualAlloc
GlobalFindAtomA
GlobalAlloc
GetVersionExA
GetTickCount
LoadLibraryA

user32

GetActiveWindow
PostQuitMessage
GetFocus
IsWindowEnabled
GetCursor
DefFrameProcA
SetMenuItemInfoA
GetWindow
BeginPaint
EqualRect
ShowWindow
GetTopWindow
CreatePopupMenu
DeleteMenu
IsIconic
GetScrollInfo

gdi32

BitBlt
SetPixel
SetBkColor
CreateFontIndirectA
CreatePalette
CreatePenIndirect
GetRgnBox
GetObjectA

comctl32

ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Write
ImageList_DrawEx

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

CODE Size: 33KB - Virtual size: 32KB

.rdata Size: 81KB - Virtual size: 80KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 33KB - Virtual size: 32KB

.rdata
Size: 81KB - Virtual size: 80KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB