094fa95d0ae1782c034bdb3c1782d288_JaffaCakes118

General

Target

094fa95d0ae1782c034bdb3c1782d288_JaffaCakes118
Size

188KB
MD5

094fa95d0ae1782c034bdb3c1782d288
SHA1

acd568d163e1ab199ae6ee086dab4146b8f867c3
SHA256

5884cc23e89bccf9675d82e27b42231665b7c7058bead8d2de756a1efe58bf3a
SHA512

a88fc56874ed8b3898fe96d56c1e88fddf5486141423590c17298a0572de0a2937d873c581133fc4a7661bfff31c5280445eae3c7153dab1bff8b775242337f8
SSDEEP

3072:TkPtPMf8xixTij41SZnzTfjAFNn1QdZM9IO6y+u9wDeJi77xCiXV5+1vt/FaVe67:TkVPM+KI1zjjPdZMxFg7hWFtYDH6WGuG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
094fa95d0ae1782c034bdb3c1782d288_JaffaCakes118

Files

094fa95d0ae1782c034bdb3c1782d288_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78926b21157f62ce8e56222feb29f98a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetOEMCP
LCMapStringW
FlushFileBuffers
SetProcessAffinityMask
GetStringTypeW
MoveFileW
GetSystemTimeAsFileTime
DeleteCriticalSection
CreateProcessW
GetCurrentProcessId
GetEnvironmentStrings
InterlockedDecrement
WaitForSingleObject
QueryPerformanceCounter
ReadFile
GlobalLock
FreeEnvironmentStringsW
GetStringTypeA
FreeEnvironmentStringsA
OutputDebugStringW
GetConsoleOutputCP
CreateEventW
GetLocalTime
EnumResourceTypesA
SetEndOfFile
GetACP
GetModuleFileNameW
SetStdHandle
Sleep
GetCPInfo
CreateFileW
GetLocaleInfoA
IsValidCodePage
InterlockedIncrement
WriteConsoleA
SetNamedPipeHandleState
GetEnvironmentStringsW
GetCurrentThreadId
WriteConsoleW
SetEvent
TerminateThread
LoadLibraryA
GlobalAlloc
LCMapStringA
WriteFile
WaitForMultipleObjects
GlobalUnlock

ole32

CoMarshalHresult
CoQueryProxyBlanket
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
CoInitializeEx
StringFromGUID2

imm32

ImmAssociateContext

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78926b21157f62ce8e56222feb29f98a

Headers

File Characteristics

Imports

kernel32

ole32

imm32

Sections

.text Size: 120KB - Virtual size: 120KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 64KB - Virtual size: 63KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 120KB - Virtual size: 120KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 64KB - Virtual size: 63KB

.reloc
Size: 1024B - Virtual size: 104KB