14e5f246c6d27d28e5a773ab3f3b5377_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e5f246c6d27d28e5a773ab3f3b5377_JaffaCakes118
Size

118KB
MD5

14e5f246c6d27d28e5a773ab3f3b5377
SHA1

cd96d7c0896cc52abe4df3f371b8645e42be8d90
SHA256

0eb5b39646b71774cc685b4a00420bbb6a87765f70c99e486175edca224bb24e
SHA512

9e3ee288fd7d530a4b3073d2a8232cccab1ee2af14143a03c831c88c3315ab0302924d4c3bad8a1283c85f5c7d4044ec9fc060c4cbb995895671be4349cefce0
SSDEEP

1536:+PE3Kw0JFDbpvOTgop4YE9mQ328JKnhk:03qgo6Ruk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e5f246c6d27d28e5a773ab3f3b5377_JaffaCakes118

Files

14e5f246c6d27d28e5a773ab3f3b5377_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ac1b6a9db2b2c49c1e17fad5d9fa4a36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegOpenKeyW

kernel32

FlushFileBuffers
CopyFileExA
GetLastError
CopyFileA
ExitProcess
HeapAlloc
FreeResource
GetFileTime
ExitThread
lstrcatA
OpenFile
GetCPInfo
GetCommandLineA
GetFileType
GetLocalTime
lstrcmpA
DeleteFileW
GetPriorityClass
DeleteFileA

user32

GetWindowTextLengthA
AppendMenuW
GetMenu
CopyImage
DrawTextA
GetScrollInfo
CreateIcon
GetFocus

Sections

.h0ah0
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.acffg
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.240hc
Size: 58KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.53g95
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.19h9f
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ