068ec3346dda2f1ef5f6ca84bf91a085_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

068ec3346dda2f1ef5f6ca84bf91a085_JaffaCakes118
Size

329KB
MD5

068ec3346dda2f1ef5f6ca84bf91a085
SHA1

00031e1482e6027d95cbb8086848c3229b7da2b7
SHA256

6e35fc6158a4eb6abba26afbe662d3414f6cab6b671b6ff217cba9f5679d23c0
SHA512

7a16540bc9ccafd90193f77896d6309e4d6d742e1f54758abddc2bef3c677d404e02bf7bfc0452b78da3347e0c7ce871e0c8b6a7742bf6d4a30ed0149b3fa8f1
SSDEEP

6144:S/g/J/is+HaEWP/1NTj4yYvry2Pou+ABdBSDkOxOCjl/JFc+MuhB1f5:S/g/J/B+HULT8yMut1qBokqOwxVMuhLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068ec3346dda2f1ef5f6ca84bf91a085_JaffaCakes118

Files

068ec3346dda2f1ef5f6ca84bf91a085_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ead19dcf1e8748a305227133e979c59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetStdHandle
TlsGetValue
ResetEvent
GetConsoleTitleA
IsBadReadPtr
GetModuleHandleA
GetCommandLineA
VirtualProtect
CloseHandle
CancelIo
SetLastError
Heap32First
GetLastError
IsBadStringPtrA
GetDiskFreeSpaceExA
FreeConsole
EnumResourceTypesW
LocalFree
LoadLibraryExW

user32

EnableWindow
GetKeyState
DispatchMessageA
DragDetect
CopyImage
CreateMenu
GetUpdateRect
GetMessageA
DialogBoxParamA
CreateWindowExA
CloseWindow
GetScrollBarInfo
IsIconic
MessageBoxA

hlink

HlinkCreateFromData
HlinkCreateFromString
HlinkResolveShortcut
HlinkOnNavigate
HlinkClone

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ