a4e0df5f89542a2ea83ac03e2c7d8a4f_JaffaCakes118

General

Target

a4e0df5f89542a2ea83ac03e2c7d8a4f_JaffaCakes118
Size

188KB
MD5

a4e0df5f89542a2ea83ac03e2c7d8a4f
SHA1

90936896e0acd18e4cc186c6b6c6d4e7e0601b81
SHA256

143385cd04d3c9f9c36d6f230b4b4e4f3463527fb9d0e83421ee76623dcbc5c7
SHA512

0394b664d793c10587f8b897c4f235b026405687eeba78336e3d90ae1adeb939e94d21b86602235461864134d078f969cb7d8ae47b4d20b888a79ca95caeba4a
SSDEEP

3072:PNHE7D7MyaQs7ty4UznaSGvygW1d9Dx5uhUbb4k4WKfAIMDpqRNN+ezpi16Qcg+3:VHBbhbygWdDx5o+b4jXxO+N+e1Qp+Dz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4e0df5f89542a2ea83ac03e2c7d8a4f_JaffaCakes118

Files

a4e0df5f89542a2ea83ac03e2c7d8a4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44b656fe9cec04c7ddbb7abfece859c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
CoTaskMemFree
CoInitializeSecurity
CoCreateInstance
CoQueryProxyBlanket
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

kernel32

GetACP
CreateFileW
GetCurrentProcessId
SetStdHandle
SetProcessAffinityMask
InterlockedDecrement
GetStringTypeW
CreateProcessW
GetLocaleInfoA
GetEnvironmentStrings
GetStringTypeA
SetEndOfFile
LCMapStringA
IsValidCodePage
OutputDebugStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
QueryPerformanceCounter
WaitForSingleObject
FlushFileBuffers
Sleep
FreeEnvironmentStringsA
LCMapStringW
LoadLibraryA
GetConsoleOutputCP
GetModuleFileNameW
CreateEventW
DeleteCriticalSection
EnumResourceTypesA
GetCPInfo
SetEvent
WriteFile
GetLocalTime
WriteConsoleA
InterlockedIncrement
WaitNamedPipeA
CreateFileA
GetCurrentThreadId
WaitForMultipleObjects
TerminateThread
ReadFile
MoveFileW
GlobalLock
GetOEMCP
GlobalAlloc
GetEnvironmentStringsW
WriteConsoleW
GlobalUnlock

imm32

ImmAssociateContext

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44b656fe9cec04c7ddbb7abfece859c7

Headers

File Characteristics

Imports

ole32

kernel32

imm32

Sections

.text Size: 114KB - Virtual size: 114KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 114KB - Virtual size: 114KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 104KB