14f5bfb1fd3c6e9ac8cc22d195fff139_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14f5bfb1fd3c6e9ac8cc22d195fff139_JaffaCakes118
Size

1.7MB
MD5

14f5bfb1fd3c6e9ac8cc22d195fff139
SHA1

699b825431f165bfad5afb0be6cf31178fd5a168
SHA256

9ddde5da95f7beeb04a0c7720ab9a4f78148439e25680460b66f801d53ff6918
SHA512

a6bbdbc7ecf6049b31933cd1d0f9f13a7f26d685b679e67246a4009d0cd44e7657b28d91aa9de7ac376cc9396ab919649d9f109c154729ee3ef9620fec62db65
SSDEEP

49152:WBK9GYabm7g6pyTQ+6yNxnmg46uWOTpLUMua:WBxYuSy8+o7WUpL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f5bfb1fd3c6e9ac8cc22d195fff139_JaffaCakes118

Files

14f5bfb1fd3c6e9ac8cc22d195fff139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db84d057f4222a13eda33ff194f5f534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
CloseHandle
HeapFree
CreateFileA
HeapAlloc
GetProcessHeap
ReadFile
lstrcpynA
WriteFile
lstrcpyA
SetFileAttributesA
lstrlenA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetModuleHandleA
FormatMessageA
GetLastError
VirtualQuery
CreateDirectoryA
GetFileAttributesA
GetTempFileNameA
GetSystemTime
GetTempPathA
GetModuleFileNameA
RemoveDirectoryA
IsBadReadPtr
FindNextFileA
DeleteFileA
lstrcatA
lstrcmpA
FindFirstFileA
Sleep
WaitForSingleObject
CreateProcessA
lstrcmpiA
ExitProcess
FindClose

user32

PostQuitMessage
DestroyWindow
CreateDialogParamA
MessageBoxA
PeekMessageA
LoadStringA
TranslateMessage
GetDlgItem
SendMessageA
DispatchMessageA
wsprintfA
PostMessageA

shell32

FindExecutableA
ShellExecuteExA

comctl32

ord17

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ