068f47ac78e779563eefddac21e374b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

068f47ac78e779563eefddac21e374b8_JaffaCakes118
Size

184KB
MD5

068f47ac78e779563eefddac21e374b8
SHA1

75b9ef9fda96c692250dd7ade9a791eb72a2af7f
SHA256

6c54df330663d945e3604b51e899059d5c212faf6bb7d595fd442020e57e8d56
SHA512

abfd2747965efed7cd2575723c36ecf5f1c74f27a89d91cabd0d509775faa69e119657a517e7e670bbdb72940d9d20bc1ddd015ef27daebb5894f0b2d38512e2
SSDEEP

3072:e3zX2VfPx7RGIqwEnIYajrc5KvoQIPob7M4M418C7jJ90I+5/uClahum6PWQucv6:ejwx7Rtqw6CjraQVL1VgwClaDgsCUP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068f47ac78e779563eefddac21e374b8_JaffaCakes118

Files

068f47ac78e779563eefddac21e374b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a01974bb1b8f3d7704a3d555a0ff3e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualQueryEx
GetLocaleInfoA
RaiseException
CreateProcessA
InterlockedExchange
MultiByteToWideChar
GetCurrentProcess
GetTickCount
GetCurrentProcessId
GetACP
GetEnvironmentVariableA
SetUnhandledExceptionFilter
QueryPerformanceCounter
LocalAlloc
EnumResourceNamesW
Sleep
GetSystemTimeAsFileTime
GetModuleHandleA
FindResourceExW
GetStartupInfoA
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
IsDebuggerPresent
InterlockedCompareExchange
UnhandledExceptionFilter
lstrlenA
GetThreadLocale

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegOpenKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

ole32

StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ