68f9a9261c04290d234491a74c361aee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68f9a9261c04290d234491a74c361aee_JaffaCakes118
Size

16KB
MD5

68f9a9261c04290d234491a74c361aee
SHA1

5c81d566e4f1bd05a20065380204101af765500e
SHA256

ed60403da49d1941f0a8c7b5035a4600f6122af5067a9a3e6ba2dc4d325eb14e
SHA512

0af1870086d0f6b9f2bc6c47ed065ed1a1af4bd400b392b627991e2325f77732152763409cb28ccaf65eeaee4b69f553e49e7770a44c854988811582ce980c5d
SSDEEP

192:mRmcPcnABcfT3W3tt16TyeUnNSw94kCWvVCvxRbYwi7WmyswJ6y2dyr1TKyPPo:j+NET38toTy/NSzkwxRb9ics8JrTPP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f9a9261c04290d234491a74c361aee_JaffaCakes118

Files

68f9a9261c04290d234491a74c361aee_JaffaCakes118
.exe windows:1 windows x86 arch:x86

04c9dad1102153696a563b0724502821

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DoEnvironmentSubstW
DuplicateIcon
RealShellExecuteW
Options_RunDLLW
Control_RunDLLA
SHFileOperationA

msvcrt

strrchr
tmpnam
wcsspn
strcspn
wcstombs

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 390B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE