14c70e4b9982228f66dd33c491732119_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14c70e4b9982228f66dd33c491732119_JaffaCakes118
Size

160KB
MD5

14c70e4b9982228f66dd33c491732119
SHA1

9184969fe9add789b303bb3a6e2a4291de76e7a8
SHA256

c6f32e83b793f4f961465d5252424ffb79093a0ae9feb39e497b675eb8a6e6be
SHA512

51f7984ba0f4a4a39fa8221d98647326d77c04c7b2542b6b2b1ece0bb8668e8a4f2afb06c7622f090dcd96a749bbdf9fbe0a0794e2fba11675ecc42c75a8bfa2
SSDEEP

3072:EwBkR7dM1WKej4znRugXhHK3f1VHTpt1LNLXaQ7b6/aUlLBE2kjk4Tami:6wTzHXNK9hT5NLqQ7GJJC2ko4Ti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c70e4b9982228f66dd33c491732119_JaffaCakes118

Files

14c70e4b9982228f66dd33c491732119_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2572b44df7f66693682053680925e344

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GetVersionExA
QueryPerformanceCounter
GetProcessAffinityMask
Toolhelp32ReadProcessMemory
SetEnvironmentVariableW
HeapCompact
WriteProfileStringW
CreateFiber
GetThreadLocale
EnumLanguageGroupLocalesW
BeginUpdateResourceW
UnregisterWaitEx
EnumSystemLanguageGroupsA
GetCommandLineW
OpenEventW
SetTimerQueueTimer
CancelIo
SetErrorMode
GetSystemDefaultLCID
ConvertDefaultLocale
ReadConsoleOutputCharacterA
SetConsoleMaximumWindowSize
GetLargestConsoleWindowSize
GetProfileIntA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 8KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ