14d99e4d00ee43d41ec73adb3850d6f0_JaffaCakes118 | Triage

Sharing

General

Target

14d99e4d00ee43d41ec73adb3850d6f0_JaffaCakes118
Size

16KB
MD5

14d99e4d00ee43d41ec73adb3850d6f0
SHA1

be69141f4c0f40a9f823e05238f9b586b299f376
SHA256

ba97c2aaf345fb34dfc623e0a7f45d990817029969522183a08c8708f60df459
SHA512

e2128df52fddf7142b19f75af2388ea82ce45fe32f89cfc2db47ca5d29a7967eff6943ab7f362a9988a24cfc3ec554e8acd4d3ee78252c9013c8a7874f558e44
SSDEEP

192:l8gYGhvbVdNJlTyf9Q4/fCXtg9/qQyUIjLACqtCtzw/TXX+McdsJdxV1P6C4OKw:l88zpTS6+P9/tyFfqtC+TXT3X1P6vOKw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d99e4d00ee43d41ec73adb3850d6f0_JaffaCakes118

Files

14d99e4d00ee43d41ec73adb3850d6f0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c17dcad15f256f7e08342453f816b1a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

imagehlp

MakeSureDirectoryPathExists

kernel32

ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStdHandle
GetTempPathA
GetThreadPriority
GetTickCount
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
ReadFile
RemoveDirectoryA
ResumeThread
RtlUnwind
RtlZeroMemory
CreateFileA
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetThreadPriority
Sleep
SuspendThread
TerminateThread
WaitForSingleObject
WriteConsoleA
WriteFile
CreateThread
DeleteFileA

user32

wvsprintfA

crtdll

__GetMainArgs
exit
raise
signal
strcat
strchr
strncpy

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 216B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE