65f8f35296c2cb5feda3ca98a6091075_JaffaCakes118 | Triage

Sharing

General

Target

65f8f35296c2cb5feda3ca98a6091075_JaffaCakes118
Size

294KB
MD5

65f8f35296c2cb5feda3ca98a6091075
SHA1

f3dc653cd25f05a2a9cf0b888111cecb830b7a14
SHA256

2f401125b00066c0bf90880b08fff6bf5841800e6178d04c7094cd8abf51d6c1
SHA512

130b12d9b3fb972d306193e6e7335799739e6d397d3bba0a45e70bf3857f1fc625a5ac2bbd0729cff6b17f9637e793f71452de2340a955b7129841ac766f9bd7
SSDEEP

6144:ePC1gueriIMdeA6Rlrcg2kn5iELiFEoJSRml:QC1gaDd4dn5iE2FEoJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65f8f35296c2cb5feda3ca98a6091075_JaffaCakes118

Files

65f8f35296c2cb5feda3ca98a6091075_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b4eb3d682b39da4daa0716d804b1bd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetAtomNameA
FindAtomA
HeapReAlloc
TlsFree
VirtualProtect
GetModuleHandleA
CloseHandle
GlobalUnlock
HeapWalk
GetProfileIntA
LoadLibraryA
TlsGetValue
GetACP
CompareFileTime
InterlockedExchange
WaitForSingleObject
lstrlenA
GetTickCount
GetConsoleCP
GetVersion

user32

DispatchMessageA
LoadIconA
DestroyMenu
ShowWindow
PostMessageA
PaintDesktop
SetWindowPos
InflateRect
CreateCaret
EnableScrollBar
PostQuitMessage
InsertMenuA
GetScrollRange
CopyRect
GetKeyboardLayout
TranslateMessage
UpdateWindow
ModifyMenuA
GetMenuStringA
SubtractRect
MessageBoxA
GetDlgItem
EqualRect
GetWindowTextA
SetPropA
DialogBoxParamA
GetMenu

msi

MsiCloseHandle
MsiEnumProductsA
MsiGetMode
MsiEnumClientsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ