42cf356e8b757fed71f7747118655d2c_JaffaCakes118

General

Target

42cf356e8b757fed71f7747118655d2c_JaffaCakes118
Size

194KB
MD5

42cf356e8b757fed71f7747118655d2c
SHA1

d85cab75a7e12f7e1cf59503b954a7608531011c
SHA256

e064ca1075f4b2861fcc65313b8fb37bf62435097ebd2cc2d654dae23245224c
SHA512

eaac5602069d88d297c6a217dbe10629037daa27445be55e790274fd19dcc0ef7fd1cbf0b260ef65386cc311bbb596cc6a33bd73bc7e0628c5d61f417902a6fc
SSDEEP

6144:BjcsqnZvGULew8v6m9HKOos+h4+nTSjbxIAZ/M:SfAk8x9Fos6nmn7NM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42cf356e8b757fed71f7747118655d2c_JaffaCakes118

Files

42cf356e8b757fed71f7747118655d2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a04e824d8fcedd7c1b8e54400e80fc75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoTaskMemFree
CoSetProxyBlanket
CoUninitialize
CoQueryProxyBlanket
StringFromGUID2

kernel32

SetEvent
WriteConsoleA
GetACP
WaitForSingleObject
SetStdHandle
SetProcessAffinityMask
CreateFileA
InterlockedDecrement
GlobalAlloc
FlushFileBuffers
GetLocaleInfoA
ReadFile
LCMapStringW
GetConsoleOutputCP
WriteFile
CreateProcessW
FreeEnvironmentStringsA
GlobalLock
WriteConsoleW
DeleteCriticalSection
GetEnvironmentStrings
EnumResourceTypesA
GetOEMCP
LCMapStringA
CreateFileW
GetStringTypeA
InterlockedIncrement
GetCPInfo
WaitForMultipleObjects
LoadLibraryA
GetProfileIntA
CreateEventW
MoveFileW
GetStringTypeW
GetLocalTime
QueryPerformanceCounter
FreeEnvironmentStringsW
IsValidCodePage
GetCurrentThreadId
TerminateThread
Sleep
OutputDebugStringW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCurrentProcessId
SetEndOfFile
GetModuleFileNameW
GlobalUnlock

imm32

ImmAssociateContext

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a04e824d8fcedd7c1b8e54400e80fc75

Headers

File Characteristics

Imports

ole32

kernel32

imm32

Sections

.text Size: 124KB - Virtual size: 123KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 65KB

.reloc Size: 1024B - Virtual size: 248KB

.text
Size: 124KB - Virtual size: 123KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 65KB

.reloc
Size: 1024B - Virtual size: 248KB