68fda186caa5c78feca776820a616ab4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68fda186caa5c78feca776820a616ab4_JaffaCakes118
Size

19KB
MD5

68fda186caa5c78feca776820a616ab4
SHA1

74943eede9acd96d8291f18503f54c6037f56732
SHA256

31cb32c627f4378e19a87d1683f61f1e9b09e226e164a481028169a38c1eb5d7
SHA512

0742866ea33f8f87142d28be5b4efe8f549d6103e99eb3beb136253cce9c9c6fb42fcde912ab689d052d31e28f247a5503f7340ee3beb4f5d0f6694cefb8b5b4
SSDEEP

384:hdFUDMycnVxkI7pPvMDGc97W+28f37BUGjcru3o7+a1mtvgqPAfH0Clt:zFOMlV3PUDLLVBjjiHJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68fda186caa5c78feca776820a616ab4_JaffaCakes118

Files

68fda186caa5c78feca776820a616ab4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

914645849bf2347b588ed9c69762c8dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
CreateThread
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ReadFile
UnhandledExceptionFilter
VirtualAlloc
lstrcmpiW
lstrlenW

user32

CharNextW
DestroyWindow
EndDialog
GetClientRect
GetDC
GetDlgItem
GetParent
GetSysColor
GetSystemMetrics
GetWindowLongW
GetWindowRect
IsDlgButtonChecked
IsWindow
LoadCursorW
LoadIconW
LoadStringW
MessageBoxW
PostQuitMessage
SendDlgItemMessageW
SendMessageW
SetCursor

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ