68ff6be0b11d76d4b3b71a17d42ed2ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68ff6be0b11d76d4b3b71a17d42ed2ae_JaffaCakes118
Size

2.7MB
MD5

68ff6be0b11d76d4b3b71a17d42ed2ae
SHA1

bd0c412770f72c0544a99011d69b3cd89b9f32bd
SHA256

153495f807a0da25ef3e4f00c2db0b6f4a5ec995e72dab12cb6155b0038a6ae2
SHA512

b851bbc26ade25b94b200fbbc8431d948934ef6e0dfd30b7db5a9f7eb37cda9105a013c9e11f74662b120e21d91ba6c0779cb76e4d3744d99e3a300e2b44e52e
SSDEEP

49152:lwTm4u/S8LGXqNtXTZdP8WGMsIXDA/lYVrePKGNvqMjZHEU87lezt9:sm4u/SS55ZdzNsIXD+iA/VdEDJm9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68ff6be0b11d76d4b3b71a17d42ed2ae_JaffaCakes118

Files

68ff6be0b11d76d4b3b71a17d42ed2ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bffd5ddb5a55a8666e4b2d0004845cf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PrepareTape
GlobalDeleteAtom
UnregisterWaitEx
GetVolumeNameForVolumeMountPointA
LZSeek
VirtualAllocEx
DebugBreak
GetFileAttributesA
GlobalFlags
GetLongPathNameW
GetCommandLineA
lstrlenA
HeapAlloc
OpenEventA

user32

LoadKeyboardLayoutEx
UnhookWindowsHookEx
GetTaskmanWindow
CreateSystemThreads
CreateWindowExA
CharNextExA
IntersectRect
LoadStringA
ModifyMenuA
GetForegroundWindow
MonitorFromRect
EnumChildWindows
GetWindow
IsMenu
EqualRect
IsWindow
SetKeyboardState
MonitorFromRect
SetWindowsHookExA
GetDoubleClickTime
SendMessageTimeoutA
OemToCharBuffA
GetWindowLongA
GetClassWord
GetProgmanWindow
SetShellWindow
OemToCharBuffW
DialogBoxIndirectParamAorW

comdlg32

GetOpenFileNameA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 17.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ