Static task
static1
Behavioral task
behavioral1
Sample
66e92d3812b79412c71c27793f54710e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
66e92d3812b79412c71c27793f54710e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
66e92d3812b79412c71c27793f54710e_JaffaCakes118
Size
176KB
MD5
66e92d3812b79412c71c27793f54710e
SHA1
9b3e028b028ce34194a2d81cf4f55f13a8a78d4f
SHA256
fc93c067ad27a0c00e41edda815530184f1c8fb882e0cdd0e760be2743ea3ef3
SHA512
e17230444ca076cbb593b8518ddcfa488d5864c327f9f18c5b8fd3b35dc84dbdb4d995e8f1e96cea65007196382f4181cfb81e16e3bf17439dc3a8b6e7c0d42d
SSDEEP
3072:R0yK9BYu72sxTczd0FE//CR28gfCATOmdCIq3cyNo/dOy:R0y4iu72sBczd4Uy28eCATFIHo/d
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 66e92d3812b79412c71c27793f54710e_JaffaCakes118
Files
66e92d3812b79412c71c27793f54710e_JaffaCakes118.exe windows:4 windows x86 arch:x86
503e9d962c922109687b5b30d1ace6bc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICSendMessage
ICOpen
ICClose
ICDecompress
user32
AdjustWindowRectEx
GetClientRect
InvalidateRect
SetCursor
PostMessageW
SetRectEmpty
GetWindowPlacement
FillRect
advapi32
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
kernel32
GetCurrentProcessId
GetLongPathNameW
GetCurrentThreadId
CloseHandle
SetThreadContext
GetLastError
EnumResourceTypesW
GlobalFree
CreateFileW
ExitProcess
UnhandledExceptionFilter
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetVersionExW
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ