14b2593d57546d4f90316eb53a0cbe83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14b2593d57546d4f90316eb53a0cbe83_JaffaCakes118
Size

272KB
MD5

14b2593d57546d4f90316eb53a0cbe83
SHA1

1a4d27166ebd9308e7702ee033dced06019cfeca
SHA256

f4be9ea6d118f80afd4697775db4ff4f2919f50d42852eb94bf8bffebf7b9238
SHA512

ffc6f9ada7f03679164c18526b452ad8f84aad070f95d03881e4d6d328a76497553a9569973db62cf442023a413e8a60bed46ea3a01d613f4c65a86eea12939a
SSDEEP

3072:gCyLqHPh64UjZgmPYLVT6gZfYKgZfYNpW+WBUnedFIr9qWpDU:gCyL2h6Hg4YLV1ZwpZwNHWv69qWpDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b2593d57546d4f90316eb53a0cbe83_JaffaCakes118

Files

14b2593d57546d4f90316eb53a0cbe83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b42c57d7358733cedba6d238ef841b69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetTempPathA
GetShortPathNameA
GetModuleFileNameA
GetLastError
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
CloseHandle
WriteFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
WaitForSingleObject
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetProcAddress
LoadLibraryA
SetEndOfFile

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ