08d4816113eeea9291b8bf96abb475bd_JaffaCakes118

General

Target

08d4816113eeea9291b8bf96abb475bd_JaffaCakes118
Size

191KB
MD5

08d4816113eeea9291b8bf96abb475bd
SHA1

e7bb80c7dc55cb17b60ba9230b70272b42a26cad
SHA256

0cc8fd64b024f2f4d33efe6f019771d4d3f716b4b8fd10bdeca23b2ee5191ddf
SHA512

77590d47558024ca3cbd01c37a5486c7d5c6678153f45838605bea875a48f47174105083d5d94abf4ad39e1557d052fef0e006a34161c359a1dcac9b8f08f99a
SSDEEP

3072:bbnqq45YM6dGHinsbVGePdgD2ivgQYCHtehJ811Ryuyh7dRiV1eD44f2:vX4+MVinyNLsr3c76x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08d4816113eeea9291b8bf96abb475bd_JaffaCakes118

Files

08d4816113eeea9291b8bf96abb475bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0615d98b15202bac65b39d338f7704d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
SetEndOfFile
GetCurrentProcessId
GetLocaleInfoA
GetModuleFileNameW
SetProcessAffinityMask
GetEnvironmentStringsW
GetEnvironmentStrings
DeleteCriticalSection
QueryPerformanceCounter
InterlockedIncrement
LCMapStringW
MoveFileW
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsA
WriteConsoleA
ReadFile
WaitForSingleObject
GetACP
CreateFileA
GetStringTypeW
WriteFile
LCMapStringA
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentThreadId
EnumResourceTypesA
InterlockedDecrement
CreateEventW
GetCPInfo
GetLocalTime
Sleep
TerminateThread
IsValidCodePage
GlobalLock
OutputDebugStringW
GetProfileIntA
CreateFileW
CreateProcessW
FreeEnvironmentStringsW
GetConsoleOutputCP
WaitForMultipleObjects
GlobalAlloc
SetEvent
GetOEMCP
GetStringTypeA
GlobalUnlock

imm32

ImmAssociateContext

ole32

CoMarshalHresult
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoQueryProxyBlanket
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0615d98b15202bac65b39d338f7704d7

Headers

File Characteristics

Imports

kernel32

imm32

ole32

Sections

.text Size: 117KB - Virtual size: 116KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 70KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 376KB

.text
Size: 117KB - Virtual size: 116KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 70KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 376KB