59c2f8395589b8e9f593c0cdd0e19588_JaffaCakes118

General

Target

59c2f8395589b8e9f593c0cdd0e19588_JaffaCakes118
Size

192KB
MD5

59c2f8395589b8e9f593c0cdd0e19588
SHA1

8ec37841f19ebf5ef0958cdd8da6744c3db0e9ee
SHA256

556c2e08eaad807a233d64771ef533de51e76818ee6b5a16a1442021477282b2
SHA512

b371840d450debf98476f7303818e25801dcb4a37ab2c4e7e5fe8f9bb5b5bc35e845b440cadfabe844c6e1adead0ba7bff275a12b72e76a53bdaf6228c222d6d
SSDEEP

3072:Rco/gsTJR3q5GRrdNDPJ4xSeKHR20zpw7JLfsXuq+twTp3gGGAeDhjByUj8zF2rJ:mzmR3quDPexLIokpw7ZEextwOGGALbzU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59c2f8395589b8e9f593c0cdd0e19588_JaffaCakes118

Files

59c2f8395589b8e9f593c0cdd0e19588_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebe1d9953802eb97f2c75e5e1ba96705

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

TlsGetValue
SetLastError
CloseHandle
GlobalFindAtomA
GetOEMCP
lstrlenA
GlobalUnlock
SetLastError
GlobalAlloc
lstrcmpW
GlobalFree
MultiByteToWideChar
FlushInstructionCache
GlobalHandle
TlsAlloc
RaiseException
GetLocaleInfoW
LocalAlloc
GlobalLock
HeapSetInformation
lstrlenW
MulDiv
CreateFileW
EnumResourceNamesA
InterlockedExchange
InterlockedIncrement
GetStringTypeW
LeaveCriticalSection
TlsSetValue
WaitForSingleObject
GetComputerNameW
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCurrentThreadId
DeleteCriticalSection
FormatMessageW
GetCurrentProcess
InterlockedDecrement
GetTickCount
TlsFree
EnterCriticalSection
WideCharToMultiByte

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 97KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebe1d9953802eb97f2c75e5e1ba96705

Headers

File Characteristics

Imports

kernel32

rpcrt4

shlwapi

Sections

.text Size: 97KB - Virtual size: 237KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 88KB - Virtual size: 87KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 237KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 88KB - Virtual size: 87KB

.rsrc
Size: 512B - Virtual size: 4KB