68a135e414ca7fdfc97c9b074690539d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68a135e414ca7fdfc97c9b074690539d_JaffaCakes118
Size

35KB
MD5

68a135e414ca7fdfc97c9b074690539d
SHA1

5f020129e9ae1d656eeca99a9b7a9c444c90d4f7
SHA256

47a244adcee7a5eaed12412c07b9c608ee99c0d6500fe174a082b61463ca441a
SHA512

075eb450c98572f6471ec203e6d11e5a962f9de3e60219f6c284bf9386697c8da559da6da84738ee019bbe6a2f93b4ff96254b86af10cd68e9a2eaf57513e5a9
SSDEEP

768:0oM3G+7NoncRdEbB/PbmHGGhmYLkVbo218:ivGczRZqs2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68a135e414ca7fdfc97c9b074690539d_JaffaCakes118

Files

68a135e414ca7fdfc97c9b074690539d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bde271ae729c50c0dbbda6aadb57b7df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FreeResource
SizeofResource
LoadResource
FindResourceA
TerminateProcess
GetWindowsDirectoryA
WinExec
GetTempPathA
GetModuleHandleA
GetStartupInfoA

user32

GetMessageA
GetInputState
PostMessageA

shell32

ShellExecuteExA

msvcrt

_initterm
_controlfp
fclose
fwrite
_exit
_XcptFilter
exit
_acmdln
__getmainargs
fopen
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ