14e364e531a0fd1bda427c499d97ef60_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e364e531a0fd1bda427c499d97ef60_JaffaCakes118
Size

27KB
MD5

14e364e531a0fd1bda427c499d97ef60
SHA1

8e40c0f6371a33691733ae7af6a4f2d7665669c2
SHA256

77db297ed4566fe7d2c0e17ab1f44e7b715dc6261237260ea529c9cc3dc7c56c
SHA512

c5b31943b2f3113288b471820928610596ec98f7a8ad2ba0c04e4ba7aee9fbf2e47aa72d6c1b40a58bb619ae37fff28a4f3d44be5a8ba65051453649e5499d8f
SSDEEP

768:RlWTdbnTmdU+jebxhjiRI5a+5l664qwHQm:LWZjThR6v64qwHT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e364e531a0fd1bda427c499d97ef60_JaffaCakes118

Files

14e364e531a0fd1bda427c499d97ef60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a844dfc10882be75e70db3b649b5b90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
Sleep
GetTickCount
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
lstrcmpiA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
GetCommandLineA

user32

wvsprintfA

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE