14e9f8b8d4887fd01008868372927f30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e9f8b8d4887fd01008868372927f30_JaffaCakes118
Size

276KB
MD5

14e9f8b8d4887fd01008868372927f30
SHA1

be0eafbf33c0557eb32ba82cef91c1a0ec849ca9
SHA256

0eda4251d7860b71bd432536a94e52295e83a23fd6ad12528a882f3a10d188df
SHA512

124116bc9d32b7eeec8b91a445adae4ace2550e7c094fbae95f9d9a334d92b3eb06aa36bb317762550be4de97c2ea3d13ea0299a228e80dffdf74919fbe6cab2
SSDEEP

6144:A/wDgjCkZtDnLXSanLmw1OvqTlMF2HGusT:5afnLCYQSTl9GVT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e9f8b8d4887fd01008868372927f30_JaffaCakes118

Files

14e9f8b8d4887fd01008868372927f30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8d33a265a4058f1868b4ba2065b8035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBitmap
GetRgnBox
CopyEnhMetaFileA
SetPixel
GetClipBox
CreateCompatibleDC

kernel32

GetProcAddress
GetModuleHandleA
GetACP
GetCommandLineA
lstrlenA
LoadLibraryExA
IsBadReadPtr
ExitThread
VirtualAlloc
LoadLibraryA
ExitProcess
GetModuleHandleW

msvcrt

srand
strlen
mbstowcs
malloc
sin
tan
memcpy
acos
abs

Sections

CODE
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 397B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ