68db490d3dc2fd3078b88a360397f40f_JaffaCakes118 | Triage

Sharing

General

Target

68db490d3dc2fd3078b88a360397f40f_JaffaCakes118
Size

156KB
MD5

68db490d3dc2fd3078b88a360397f40f
SHA1

6f270f25951a9eab0b464483cf6874437121dcd2
SHA256

1ca51d85cbb0d6d6d1e62454cd594a8cb984cec3bd9d080900d0fc5f97da7d9b
SHA512

f6dda2bd6e95f4c08072b06ea7a5c9e4db9db66532e421f7fc31cb1252579b56be39d598adaec29f5c2995e4fe4fbb210520d62828d57d615934fb8b21f8680a
SSDEEP

3072:dTsIHsnWeaW+sTH4BVYic36UqTT8O4IJBF3qc5h6RFbbNGd:FsIMWYHCYgUW8O4Ilqc58fbbE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68db490d3dc2fd3078b88a360397f40f_JaffaCakes118

Files

68db490d3dc2fd3078b88a360397f40f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6160f7d4cace75b74cbd193eaaebf1ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCPInfo
lstrcpyW
OutputDebugStringW
LockResource
CheckRemoteDebuggerPresent
GetLastError
lstrcpyW
MultiByteToWideChar
EnumResourceTypesA
GlobalAlloc
WideCharToMultiByte
GetACP
FindClose
GetTickCount
lstrlenW
InitializeCriticalSection
GlobalFree
lstrcmpiW
DeleteCriticalSection
lstrcpyA
GetModuleHandleW

user32

SetTimer
CharUpperW
PostThreadMessageW
wsprintfW
CharNextW
TranslateMessage
DispatchMessageW
KillTimer
GetDC
GetMessageW
SendMessageW
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ