68a59a5e11f042fbf57d460254f5d296_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68a59a5e11f042fbf57d460254f5d296_JaffaCakes118
Size

348KB
MD5

68a59a5e11f042fbf57d460254f5d296
SHA1

1aafb9f59d9c49aca44916988c250c2e2b946463
SHA256

9860d5f20d9afe6d2a376288e63e90f7be0c2a7b99cd8860fea70ba46c40bca9
SHA512

2f37e0d349d9ff403fe7a5c456e00f5373df7ca92c03c756c32bf711c3e7a99daf4a2183e9483a6c6908d0ffb5641737fd8f132b61737c647686cf0b2de4bd2b
SSDEEP

6144:5lpkEwAnOwifCqjAJye7WpNmZgih+DrQwPIv0MexBDtcui:5lppJ1qjO6S30DUwPIrEBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68a59a5e11f042fbf57d460254f5d296_JaffaCakes118

Files

68a59a5e11f042fbf57d460254f5d296_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5e1fd64ff7c43e93acc650d88f228c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GlobalFree
CloseHandle
GetCurrentThreadId
FindResourceW
CreateProcessA
GetExitCodeProcess
GetModuleHandleA
PulseEvent
lstrlenA
TlsGetValue
GetStdHandle
UnmapViewOfFile
GetProcessHeap
GetEnvironmentVariableA
GlobalUnlock
CreateFileW
LoadLibraryExW
HeapCreate
lstrcpyA

user32

CheckRadioButton
GetDlgItem
DispatchMessageA
GetCaretPos
GetDC
FillRect
DrawEdge
IsWindow
CreateIcon
CallWindowProcA
DrawMenuBar
CreateWindowExA
SetFocus

rsaenh

CPDecrypt
CPGenKey
CPHashData
CPSignHash
CPDeriveKey

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ