965f7eb76cae7902af7707385b3ff943_JaffaCakes118 | Triage

Sharing

General

Target

965f7eb76cae7902af7707385b3ff943_JaffaCakes118
Size

313KB
MD5

965f7eb76cae7902af7707385b3ff943
SHA1

cb1a3ca09f252aa1243240c4d184b984251b5b3c
SHA256

8cf9a535e0e9e93aaeacc3e4e5b9f59b7f1e338d7cf65abcf5e18d22d2d8d7e0
SHA512

3876103b149446c00ac3169edfb2e61e198bff6968981b5ef078e3cf1f9439b6349c2db5c1d984a72005831008564d846550fb55dcebf18664ebb9e2d8569cbd
SSDEEP

6144:HPH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:HP/wP44KyxQbaUzUuXUfgrpciNoixv4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
965f7eb76cae7902af7707385b3ff943_JaffaCakes118

Files

965f7eb76cae7902af7707385b3ff943_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18cb8899dbd36a90750206a0a881d14d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalCompact
GlobalLock
FindAtomA
EnterCriticalSection
CloseHandle
CreateHardLinkA
GetCommState
RaiseException
DeleteAtom
GetStdHandle
VirtualAlloc
GetProcessHeap
GetOEMCP
ClearCommBreak
GlobalFree
WriteProcessMemory
LoadLibraryExA
GetTapeStatus
ExitThread
GetProfileStringA
GlobalFlags

user32

GetClassInfoExA
GetFocus
ShowWindow
GetWindow
EndPaint
RegisterClassA
ValidateRect
CloseWindow
IsIconic
GetWindowTextA
DrawEdge
GetDC
GetActiveWindow
BeginPaint
GetForegroundWindow
GetWindowTextLengthA
GetClassNameA
ReleaseDC
GetParent

wsock32

WSACleanup
WSAAsyncSelect
WSAGetLastError
WSAIsBlocking
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ