8dd78502a5b4c606c002dfaba908384a_JaffaCakes118

General

Target

8dd78502a5b4c606c002dfaba908384a_JaffaCakes118
Size

154KB
MD5

8dd78502a5b4c606c002dfaba908384a
SHA1

587c0ffc60fea9150d215c08646c6cbc073cc145
SHA256

48a9644a8189f77ae7840969be11f4862511b407e7a4559c84933082d8dd09d1
SHA512

5eb94c89d6e0011fdba2d0d5de31fbb4ba40fe1cc84fa19593f6bfaeef78abedb136dbe0ef50ff237c5a266c2d949ce49e71d2116f5851f982207d42b1040088
SSDEEP

3072:t3ER2LmW8ui9ZQLgrD5aNinTSah2dcOrc9UOR2FFDBhnyty1G5zDElyF5rlEvNyz:t32dW3BgH2imc2fr5ORqCsQzLSlyS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dd78502a5b4c606c002dfaba908384a_JaffaCakes118

Files

8dd78502a5b4c606c002dfaba908384a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9646b3cb41812258f0191838aeda539c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

ole32

CoMarshalHresult
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoQueryProxyBlanket
StringFromGUID2

kernel32

SetProcessAffinityMask
InterlockedDecrement
IsValidCodePage
FreeEnvironmentStringsA
QueryPerformanceCounter
GetACP
GlobalAlloc
SetStdHandle
GlobalLock
OutputDebugStringW
FlushFileBuffers
CreateEventW
GetConsoleOutputCP
CreateFileA
FreeEnvironmentStringsW
LCMapStringW
DeleteCriticalSection
GetCPInfo
LCMapStringA
GetEnvironmentStringsW
GetStringTypeA
LoadLibraryA
EnumResourceTypesA
GetSystemTimeAsFileTime
GetModuleFileNameW
WaitForSingleObject
GetEnvironmentStrings
SetEvent
GetStringTypeW
SetEndOfFile
ReadFile
InterlockedIncrement
GetProfileIntA
GetLocaleInfoA
WriteFile
TerminateThread
WaitForMultipleObjects
WriteConsoleW
CreateFileW
WriteConsoleA
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetLocalTime
MoveFileW
CreateProcessW
GetOEMCP
GlobalUnlock

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9646b3cb41812258f0191838aeda539c

Headers

File Characteristics

Imports

imm32

ole32

kernel32

Sections

.text Size: 97KB - Virtual size: 97KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 52KB - Virtual size: 52KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 97KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 52KB - Virtual size: 52KB

.reloc
Size: 1024B - Virtual size: 4KB