0097a8f504424a0563f837685794d7ff_JaffaCakes118

General

Target

0097a8f504424a0563f837685794d7ff_JaffaCakes118
Size

149KB
MD5

0097a8f504424a0563f837685794d7ff
SHA1

11d32b0bc5c32c08ddc88dd0c8668b5578544b39
SHA256

8988f592efb88b4998b54c9736898339811bda3578b27e0a4a03ed9a4c5ca363
SHA512

412418f9fe6307896ce331773140fe6c8133110533fbc14ccd2741c4c1faade158fe4c0c2f728f4d106417dbbd73d82ad5ae17bab8b8f3ef4f6c8ec490401d65
SSDEEP

3072:6/mwFZbDM81eMROxp+ReBdOBePSGZPBWhicObWwJSsaLeEA27izD8MpTgqYpl:0bYSeMROUgaEAVBl9b7yp2pl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0097a8f504424a0563f837685794d7ff_JaffaCakes118

Files

0097a8f504424a0563f837685794d7ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

064dc81486d6920aed51709a1e3ed385

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmShowSoftKeyboard
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmSetStatusWindowPos
ImmGetConversionListW
ImmIsUIMessageA
ImmSimulateHotKey
ImmAssociateContext
ImmCreateContext
ImmGetIMCLockCount
ImmGetCandidateListW
ImmDisableIME
ImmEscapeA
ImmEnumRegisterWordA
ImmGetVirtualKey
ImmDestroyIMCC
ImmGetIMCCSize
ImmSetCandidateWindow
ImmConfigureIMEW
ImmGetIMEFileNameW
ImmGetCandidateListA
ImmLockIMC
ImmGetCompositionStringW
ImmRequestMessageW
ImmLockIMCC
ImmGetCandidateListCountW
ImmGetDefaultIMEWnd
ImmGetCandidateWindow

kernel32

VirtualAlloc

oledlg

OleUIObjectPropertiesW
ord7

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
VerInstallFileA
VerInstallFileW
GetFileVersionInfoSizeA
VerFindFileW
VerFindFileA
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

064dc81486d6920aed51709a1e3ed385

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

oledlg

version

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 96KB

.rsrc Size: 145KB - Virtual size: 145KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 96KB

.rsrc
Size: 145KB - Virtual size: 145KB