37d54e1b7729c74e3eb4aa4ed1157281_JaffaCakes118

General

Target

37d54e1b7729c74e3eb4aa4ed1157281_JaffaCakes118
Size

149KB
MD5

37d54e1b7729c74e3eb4aa4ed1157281
SHA1

02bd9e516bd3b66921e64ef3236aebf8d1be2361
SHA256

87ad8d70ecc513b7d56f92e04468e0471bac4145d653b31250f6babd0ba81712
SHA512

dd1ab17539c0f6edb360c6d9e099c884b9f6e0ff40140dbfa0fbf7ea4e8da224afb2594dff27bc910c84f44be9b79874f8cd9785e566c6b4d2190662ffdf2fba
SSDEEP

3072:C1Jm6jjSa1lYQU1AW6+bu1qzVajzKtupyCgWR+g4f69aREtf3PBrArO8:TOXgQkbu1qzVaj3KgA4Tt/PB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37d54e1b7729c74e3eb4aa4ed1157281_JaffaCakes118

Files

37d54e1b7729c74e3eb4aa4ed1157281_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10de8cba7717726e922eade936dfa540

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

kernel32

GetConsoleOutputCP
GlobalLock
IsValidCodePage
GetEnvironmentStringsW
SetProcessAffinityMask
CreateFileW
CreateEventW
DeleteCriticalSection
WriteConsoleA
FreeEnvironmentStringsA
GetLocalTime
Sleep
WaitForMultipleObjects
GlobalAlloc
TerminateThread
GetCurrentProcessId
InterlockedDecrement
GetEnvironmentStrings
GetModuleFileNameW
LCMapStringA
CreateProcessW
GetStringTypeW
SetStdHandle
GetStringTypeA
InterlockedIncrement
EnumResourceTypesA
GetSystemTimeAsFileTime
SetEndOfFile
QueryPerformanceCounter
GetOEMCP
WaitForSingleObject
WriteConsoleW
CreateFileA
LCMapStringW
GetCPInfo
GetCurrentThreadId
SetNamedPipeHandleState
MoveFileW
GetLocaleInfoA
FlushFileBuffers
GetACP
LoadLibraryA
ReadFile
SetEvent
WriteFile
OutputDebugStringW
FreeEnvironmentStringsW
GlobalUnlock

imm32

ImmAssociateContext

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10de8cba7717726e922eade936dfa540

Headers

File Characteristics

Imports

ole32

kernel32

imm32

Sections

.text Size: 94KB - Virtual size: 94KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 51KB - Virtual size: 50KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 94KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1024B - Virtual size: 4KB