cf86b1f802e923cb9fcd270cc8dab52b_JaffaCakes118

General

Target

cf86b1f802e923cb9fcd270cc8dab52b_JaffaCakes118
Size

194KB
MD5

cf86b1f802e923cb9fcd270cc8dab52b
SHA1

c31158864e29d57c64d4c041fc9303a32fb062e2
SHA256

6c55f7ce6aaca80ced929e1611943729de6699a6db986424b01ca407868df8c8
SHA512

2acf05eb2695bb89b107676286b50cb4c91d5a9bc56829a13068421e67a3df53d5a611b01dcfb794170099125b8e84420c070f37ba210a8d4c8d165c847da727
SSDEEP

3072:y3S0SA7HcmykeTswubjv4DBoq6Jr7oNfogDlTKHx+FZZWJ4ZQtw5k75jpZ+VGwsE:JMykeYwuXe+xrdgDluoFZZWS68i+V+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf86b1f802e923cb9fcd270cc8dab52b_JaffaCakes118

Files

cf86b1f802e923cb9fcd270cc8dab52b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7f5bbac7741e5a117113b8ad25da0bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
GetACP
GlobalLock
GlobalAlloc
InterlockedDecrement
IsValidCodePage
GetCPInfo
SetProcessAffinityMask
CreateFileA
CreateFileW
SetEvent
GetCurrentThreadId
GetLocalTime
WriteConsoleW
MoveFileW
FreeEnvironmentStringsA
CreateProcessW
GetEnvironmentStrings
GetCurrentProcessId
FreeEnvironmentStringsW
WriteFile
CreateEventW
GetStringTypeA
GetOEMCP
ReadFile
Sleep
InterlockedIncrement
EnumResourceTypesA
WriteConsoleA
GetLocaleInfoA
OutputDebugStringW
TerminateThread
LoadLibraryA
GetModuleFileNameW
LCMapStringA
LCMapStringW
SetNamedPipeHandleState
GetEnvironmentStringsW
WaitForSingleObject
WaitForMultipleObjects
FlushFileBuffers
QueryPerformanceCounter
GetStringTypeW
GetSystemTimeAsFileTime
GetConsoleOutputCP
SetEndOfFile
DeleteCriticalSection
GlobalUnlock

ole32

CoMarshalHresult
CoInitializeSecurity
CoInitializeEx
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
StringFromGUID2

imm32

ImmAssociateContext

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7f5bbac7741e5a117113b8ad25da0bf

Headers

File Characteristics

Imports

kernel32

ole32

imm32

Sections

.text Size: 122KB - Virtual size: 121KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 67KB

.reloc Size: 1024B - Virtual size: 376KB

.text
Size: 122KB - Virtual size: 121KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 67KB

.reloc
Size: 1024B - Virtual size: 376KB