Static task: static1
Behavioral task: behavioral1 - Sample: 96bc87bc5f3807792f79c5a0fbb41b85_JaffaCakes118.exe - Resource: win7-20241010-en
Behavioral task: behavioral2 - Sample: 96bc87bc5f3807792f79c5a0fbb41b85_JaffaCakes118.exe - Resource: win10v2004-20241007-en
General
Target: 96bc87bc5f3807792f79c5a0fbb41b85_JaffaCakes118
Size: 182KB
MD5: 96bc87bc5f3807792f79c5a0fbb41b85
SHA1: 5c3c09510a80d21c0ef08c2b3cc84c8d528903ba
SHA256: 6a0d601e55b46612b8546d30cfd80c44f0675d893cfed0354d32e2afdc7a63e7
SHA512: 06dc209e50bccb1a8fe8bb5e73eb259ccae843123df0ba2ca25c47bbb21d6f252ca14efb4c8ff8654ca7204aba954069fe5f48f5b1c1b4cd6d6e7d52ca218c55
SSDEEP: 3072:eUU79HJYvHmaBH4Q78W2+2Nw95diJqTzlEILce2TZ/QOheHkrAjjwtwA6:DcFJ+HnuQ7x2TNBJuEyce2aO/rajOwA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 96bc87bc5f3807792f79c5a0fbb41b85_JaffaCakes118
Files
-
96bc87bc5f3807792f79c5a0fbb41b85_JaffaCakes118.exe windows:4 windows x86 arch:x86
dcc5e4aa12be6314daeea85567c796c0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
StgCreateDocfile
StgOpenStorage
kernel32
CreateFileW
GetShortPathNameW
GetCurrentThreadId
UnhandledExceptionFilter
GetHandleInformation
GetCurrentProcessId
EnumResourceTypesW
GlobalFree
ExitProcess
LoadLibraryW
GetLastError
CloseHandle
GetProcAddress
GetModuleHandleW
GetVersionExW
msvfw32
ICSendMessage
ICOpen
ICClose
ICDecompress
user32
SetWindowPos
CreatePopupMenu
InvalidateRect
GetFocus
EnableWindow
LoadCursorW
GetDesktopWindow
SetCursor
RedrawWindow
SetParent
TrackPopupMenuEx
DestroyMenu
IsWindow
ClipCursor
PtInRect
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ