Static task
static1
Behavioral task
behavioral1
Sample
0768a10727deb196c0761b95ad683909_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0768a10727deb196c0761b95ad683909_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target: 0768a10727deb196c0761b95ad683909_JaffaCakes118
Size: 100KB
MD5: 0768a10727deb196c0761b95ad683909
SHA1: 3cb2985a4a74a149f63c53685cf46b9206dad187
SHA256: a329126c2fdf326896940c79c8b7e8c6d451040da483b3887f5ab371160f8d5e
SHA512: ee912ff003228795befa6474fa8e94ace5f2def4b7ec4a2bda181c83a724264311fa64ad0f0b928ec54661370cb794a3393d5bff652ae51763a250611d940dc6
SSDEEP: 3072:78EQSscqXGSfjvUFQFOBd+8H8r/PpqxPVAv8yU4C:IE/vSf7Ul9cLL8tP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0768a10727deb196c0761b95ad683909_JaffaCakes118
Files
0768a10727deb196c0761b95ad683909_JaffaCakes118.exe windows:4 windows x86 arch:x86
10d6f125dcd034a1c2a61d13082b1834
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
SetFilePointer
GetModuleHandleA
GetLastError
GetModuleFileNameA
CreateProcessA
DeleteFileA
GetTickCount
GetCurrentProcess
ole32
CoInitialize
OleCreate
user32
GetSystemMetrics
ShowWindow
PostQuitMessage
DefWindowProcA
DispatchMessageA
SetWindowLongA
GetMessageA
DestroyWindow
GetWindowLongA
CreateWindowExA
advapi32
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
shell32
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Sections
.text Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 942B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ