f610168dd093baed15771066a95edd8d_JaffaCakes118

General

Target

f610168dd093baed15771066a95edd8d_JaffaCakes118
Size

284KB
MD5

f610168dd093baed15771066a95edd8d
SHA1

d6658df776b557f8f0fd476ce1861e0f5cd98aef
SHA256

818ce65d890b43fc0dafe2830559fb3facdda895563cb39abdcc8a1d78550b9f
SHA512

ad61ceb72211c6c0933978f1edf5845c251a2a5a54db34983d46043ab857eff1c7f46994e6c67f99f970a3da3bb878d7b64b344e9d891e9d79d253c7341e65c4
SSDEEP

6144:Nx9Mm80qzrcmZ6MEgzxv0iizS5PzjDOYPCo9FjW/PdKL:Nx9Mm80qzrLOgOELPCKAPcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f610168dd093baed15771066a95edd8d_JaffaCakes118

Files

f610168dd093baed15771066a95edd8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

890887eefc0a792a987a9bb3ed607029

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileW
SetLastError
FindAtomA
GetOEMCP
GetCurrentThreadId
GlobalAlloc
GlobalUnlock
GetLocaleInfoW
DeleteCriticalSection
GetComputerNameW
SetLastError
lstrcmpW
TlsSetValue
TlsAlloc
lstrlenW
GetCurrentProcess
GlobalHandle
GetTickCount
RaiseException
InterlockedExchange
FormatMessageW
InterlockedIncrement
TlsFree
CloseHandle
EnumResourceNamesA
FlushInstructionCache
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalFree
lstrlenA
SetUnhandledExceptionFilter
GetStringTypeA
LeaveCriticalSection
GlobalLock
MulDiv
WaitForSingleObject
LocalAlloc
MultiByteToWideChar
HeapSetInformation
InterlockedDecrement
WideCharToMultiByte

rpcrt4

RpcStringFreeA

shlwapi

StrRetToStrA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathIsContentTypeA
PathCreateFromUrlW

Sections

.text
Size: 138KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

890887eefc0a792a987a9bb3ed607029

Headers

File Characteristics

Imports

kernel32

rpcrt4

shlwapi

Sections

.text Size: 138KB - Virtual size: 273KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 143KB - Virtual size: 143KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 138KB - Virtual size: 273KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 143KB - Virtual size: 143KB

.rsrc
Size: 512B - Virtual size: 4KB