37c5b5ddfdd7596800afa4feb78ddeef_JaffaCakes118

General

Target

37c5b5ddfdd7596800afa4feb78ddeef_JaffaCakes118
Size

296KB
MD5

37c5b5ddfdd7596800afa4feb78ddeef
SHA1

20610c205da5a66c4d73f88bf9ba4e7001b5ef8d
SHA256

9c73565dc179f39754a3993ff347f72696cddfe4be2fb4885879497a5ae6ad2d
SHA512

9307da3b0d37453bf29379c00c15ccf7d717dd5367dc997b19ff9838b8e1efd18d843e41dd4e9674b9c3185911baea84ee9175d02c91a17163f7b63ad53ac2b8
SSDEEP

6144:QXuRFqOhixfpoFwi1omzXi4rK4BtWo2M75axaOB6IS9HNEoMtp4Y8s2SzunB0WO:UgYR6FJ1omzS4rK4BrX7QkOzU+tp4w2m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c5b5ddfdd7596800afa4feb78ddeef_JaffaCakes118

Files

37c5b5ddfdd7596800afa4feb78ddeef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1b6f716f2f09edb54abbc0ab9c9dbb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleW
GetSystemInfo
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
VirtualAlloc
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect

shlwapi

ord276

mscoree

CoInitializeCor

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1b6f716f2f09edb54abbc0ab9c9dbb9

Headers

File Characteristics

Imports

kernel32

shlwapi

mscoree

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 236KB - Virtual size: 232KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 236KB - Virtual size: 232KB