68f36298a6e440464760b622cb8faedd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68f36298a6e440464760b622cb8faedd_JaffaCakes118
Size

64KB
MD5

68f36298a6e440464760b622cb8faedd
SHA1

0c3324a3baf3c77f93d0b1fe388d2a4b607f744e
SHA256

f7b9b2c656ff43cf2ccb32adcbc2a84e3cd0dc7bf1cd43a8fd7deff8e4d63d1d
SHA512

71c6407cad825e5ddbc34be1b6c114a142ec882997fbeb3105f00d43f701c2f69631bebb348898a3d420719fd19e8950878f434688b810edc8b110d79d07a882
SSDEEP

384:xy1lOHgz3FwfdFX1kR+Si4wL8UjRA/VuuLOM8VvxfxspeLw8joyQx6TgAyirWmL:xLgz3uVMRlUjRMuWx8nfxLM2VlEAhaa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f36298a6e440464760b622cb8faedd_JaffaCakes118

Files

68f36298a6e440464760b622cb8faedd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f54bc385506bc5f11b724cc01787e4ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetProcAddress
LoadLibraryA
GetProcessHeap
VirtualAlloc

advapi32

RegOpenKeyA
RegOpenKeyW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ati6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ