68e8b110a0c0106406dbb15e0466d54d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68e8b110a0c0106406dbb15e0466d54d_JaffaCakes118
Size

516KB
MD5

68e8b110a0c0106406dbb15e0466d54d
SHA1

91d0d36e545807309e98405b0e83126aa9bbc425
SHA256

cabfdd7df3d1ba501e83566d55d15aa0ac14943edb36f02720e614dca1f555e7
SHA512

1dfe24019b69fcbc759c9f2138ec9ca634a41b6c7a0488dd90dad00567c5eecb6c3a0c2ab2706bc20f79c39c66fa1e96d3127d3ca7de63e832c516dffb633e02
SSDEEP

12288:+YRNwVCy1S3cJDhCBVuRhon/DIBvx8/RbFu4Xdr:+Lsy1MYDqmC/D1RhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68e8b110a0c0106406dbb15e0466d54d_JaffaCakes118

Files

68e8b110a0c0106406dbb15e0466d54d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76cb1aafe2dfa6729755af4858691341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileScatter
GetDiskFreeSpaceA
SetConsoleCursorInfo
WriteFile
GetDllDirectoryA
WriteFile
FlushViewOfFile
FlushFileBuffers
VirtualAllocEx
SetLocaleInfoA
MoveFileA
SetFirmwareEnvironmentVariableA
FreeResource
PeekConsoleInputA
LZCopy
EnumSystemLanguageGroupsA
GetPrivateProfileSectionNamesA
OpenMutexA
MapUserPhysicalPages
GetShortPathNameA
GetConsoleTitleA
GetCurrentProcess
LocalFlags
DeleteTimerQueueEx
CallNamedPipeA
UnregisterWaitEx
GetTickCount
Process32First
GlobalGetAtomNameA
HeapCreate
SetEnvironmentVariableA
GlobalCompact
FileTimeToSystemTime
SetFileValidData

wininet

InternetQueryDataAvailable
ResumeSuspendedDownload
DetectAutoProxyUrl
InternetCrackUrlA
FtpSetCurrentDirectoryW
InternetGetConnectedStateExA
InternetUnlockRequestFile

Sections

.rtext
Size: - Virtual size: 360B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 504KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ