b903343d752f706c22f1ac54f7d94108_JaffaCakes118

General

Target

b903343d752f706c22f1ac54f7d94108_JaffaCakes118
Size

186KB
MD5

b903343d752f706c22f1ac54f7d94108
SHA1

4b34d82dd325c7d9a7b677cae10f28a907432538
SHA256

dac413e75fe16c64a23ec7381e00581876776fdee3edddeb8ada491c0382b785
SHA512

f0de82630f416d44beddd9bbcc12f46ac0147ecc7928c86ff0ad09bd724ddaafd5f0f3be0fc5a091cf9b10ec837ce4d9d36ee69793349cfe2b3b5c36787b56c0
SSDEEP

3072:RBi2rjH1EVKx7iYeOkIsNQoDx5JPBMHp/l5xnIlr8AL/Yp/FZFw1SqY/M:/Rt9BvkIsNQ+XeJ/dIlHLgp/FZFw1o0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b903343d752f706c22f1ac54f7d94108_JaffaCakes118

Files

b903343d752f706c22f1ac54f7d94108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dd941b79971c61e0b72fa8f099e33de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
CoInitializeEx
CoTaskMemFree
CoQueryProxyBlanket
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
StringFromGUID2

imm32

ImmAssociateContext

kernel32

SetProcessAffinityMask
GlobalLock
CreateProcessW
FreeEnvironmentStringsW
FlushFileBuffers
GetCPInfo
LCMapStringA
GetLocalTime
QueryPerformanceCounter
GetEnvironmentStrings
GetModuleFileNameW
SetStdHandle
CreateEventW
CreateFileW
GetSystemTimeAsFileTime
DeleteCriticalSection
ReadFile
OutputDebugStringW
SetEndOfFile
GetOEMCP
TerminateThread
GetACP
GetStringTypeW
EnumResourceTypesA
LoadLibraryA
GetEnvironmentStringsW
GetConsoleOutputCP
GetLocaleInfoA
WriteConsoleW
WaitNamedPipeA
GetCurrentProcessId
GetStringTypeA
InterlockedIncrement
WriteConsoleA
GlobalAlloc
IsValidCodePage
WriteFile
WaitForMultipleObjects
WaitForSingleObject
LCMapStringW
MoveFileW
Sleep
FreeEnvironmentStringsA
CreateFileA
SetEvent
InterlockedDecrement
GetCurrentThreadId
GlobalUnlock

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dd941b79971c61e0b72fa8f099e33de

Headers

File Characteristics

Imports

ole32

imm32

kernel32

Sections

.text Size: 114KB - Virtual size: 114KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 67KB

.reloc Size: 1024B - Virtual size: 108KB

.text
Size: 114KB - Virtual size: 114KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 67KB

.reloc
Size: 1024B - Virtual size: 108KB