14e8d1f9bc2475e20e2145b61690a48e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e8d1f9bc2475e20e2145b61690a48e_JaffaCakes118
Size

634KB
MD5

14e8d1f9bc2475e20e2145b61690a48e
SHA1

8d50e39a61c49e90f3192c9d54dedcbc31dfe583
SHA256

ed5ef2b3b01bddd92c6dc8d4c346089352a7be5f96f96634b7ec415176d625f9
SHA512

93de89bd5224eadfe6e89b2d7d8c3061193208a79de48ca7e7ca544d5e9a460037f7868985ae1adc97fe84dc307255da2f0e3dd1cd40ed23b9be1feed4eb6e47
SSDEEP

12288:cezJKM+WdsUNzl4iaItQY+afif0jOH/Yue6BzD3nsM3n5JMq2NqsDoSBp+F:nKMbeiaIxXfif0Qk0T33nenO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e8d1f9bc2475e20e2145b61690a48e_JaffaCakes118

Files

14e8d1f9bc2475e20e2145b61690a48e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d4c3af9d67b09fc97b272458d0edbb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetLogicalDrives
HeapCreate
Sleep
SetErrorMode
LoadLibraryExA
InterlockedExchange
GetLastError
GlobalDeleteAtom
GetLocaleInfoA
RaiseException
LockResource
CloseHandle
EnterCriticalSection
GetSystemDirectoryA
GetACP
GetFileAttributesA
GlobalFree
GetCommandLineA
GlobalAddAtomA
VirtualProtect

user32

DrawEdge
FrameRect
ReleaseDC
GetCursorPos
GetWindow
DrawTextA
GetClassNameA
GetFocus
ShowWindow
SetForegroundWindow
ValidateRect
GetParent
GetMenuItemInfoA
EndPaint
IsIconic
GetActiveWindow
wsprintfA
GetWindowTextA
BeginPaint

httpapi

HttpInitialize
HttpTerminate
HttpRemoveUrl
HttpAddUrl
HttpCreateHttpHandle

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ