37cabac37093398cea7b02da735a54ae_JaffaCakes118

General

Target

37cabac37093398cea7b02da735a54ae_JaffaCakes118
Size

160KB
MD5

37cabac37093398cea7b02da735a54ae
SHA1

2babef0e8598d7099b9565a512b0d3e8bcabcb35
SHA256

cdfd7e7e915abc8451e6361de7fe0b2d6caaba06d48605e216290416e65c003d
SHA512

5f53be28503ee59659127463e4f923c86bab0f06bead079904c89109cafebde231ca35f387808fc0f981493b9cfe75ffd8e0a8deae32121d435251150f964313
SSDEEP

3072:yPLJ1aRhgNvSKOSvy7zJXDaWHppt8juOs3TZOyyr8JwbrIJOsu9YZKhAfQEHn:NRhghXOSWJTTHLtbfZl3Jw3n96Kho

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37cabac37093398cea7b02da735a54ae_JaffaCakes118

Files

37cabac37093398cea7b02da735a54ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41246c11674cbd1080c0b1bead1ae052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSRegisterSessionNotification

kernel32

HeapAlloc
LocalAlloc
QueryPerformanceCounter
lstrlenW
WriteFile
GetModuleHandleA
GetSystemTime
HeapFree
LoadLibraryW
GetEnvironmentVariableA
LoadLibraryExW
GetStdHandle
GetSystemTimeAsFileTime
HeapReAlloc
TerminateProcess
CreateFileW
GetThreadLocale
MultiByteToWideChar
RaiseException
GetACP
SetUnhandledExceptionFilter
EnumResourceTypesW
Sleep
InterlockedCompareExchange
GetCurrentThreadId
HeapFree
GetCurrentProcess
GetCurrentProcessId
GetStartupInfoA
IsDebuggerPresent
InterlockedExchange
GetProcessHeap
HeapSize
LZOpenFileA
CloseHandle
SystemTimeToFileTime
lstrlenA
CreateProcessA
WideCharToMultiByte
UnhandledExceptionFilter
GetTickCount
GetLocaleInfoA
HeapDestroy
lstrcpynW

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41246c11674cbd1080c0b1bead1ae052

Headers

File Characteristics

Imports

wtsapi32

kernel32

msimg32

oleacc

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 409KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 409KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 512B - Virtual size: 4KB