f982bb575ba66968c52bee025037085c_JaffaCakes118

General

Target

f982bb575ba66968c52bee025037085c_JaffaCakes118
Size

191KB
MD5

f982bb575ba66968c52bee025037085c
SHA1

e378fbbc27e03a6756ff6c31ca147f15b879f899
SHA256

8f1be4d249817876e6bbb833b24c8a052549578aa8d3c4d17f28dbdc5e548d19
SHA512

5032dd00e23ec8ba841f876d52188aecad197bb4986acea6d358593be8c03fca0542d7b529e04d20f26d42913707299c49bdd03a74e159305f23b9944b5c0482
SSDEEP

3072:n5eiXBEtdBcTBhbtjk0PiQWceVm7rSJDx6VxIo/YeylXe4dJM:oM2lEhbNjM7T0Vmo/slpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f982bb575ba66968c52bee025037085c_JaffaCakes118

Files

f982bb575ba66968c52bee025037085c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d6d8f09d90dbc5c7eec7dc206f55f79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetCurrentDirectoryW
FindNextFileW
GetTempPathA
SetPriorityClass
GetVersionExA
InterlockedIncrement
SetFileAttributesA
WaitForSingleObject
FindClose
GetFileSize
SetCurrentDirectoryW
GetLastError
GetFileAttributesW
SetFileAttributesW
GetTempFileNameW
InterlockedDecrement
GetExitCodeThread
ReadFile
CloseHandle
DeleteFileW
GetModuleFileNameA
GetModuleFileNameW
LocalAlloc
EnumResourceTypesW
CreateFileA
WideCharToMultiByte
CopyFileA
GetFileAttributesA
DeleteFileA
DisableThreadLibraryCalls
GetPrivateProfileStringW
FreeLibrary
SetErrorMode
FindNextFileA
lstrlenA
MultiByteToWideChar
GetTempPathW
FindFirstFileW
CreateDirectoryA
LocalFree
lstrcmpA
GetTempFileNameA

ole32

CoMarshalHresult
StringFromCLSID
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoInitializeEx
CoRegisterClassObject
CoTaskMemFree
CoRevokeClassObject
CoUninitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
GetRunningObjectTable
CreateItemMoniker
CoTaskMemAlloc

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d6d8f09d90dbc5c7eec7dc206f55f79

Headers

File Characteristics

Imports

gdiplus

kernel32

ole32

Sections

.text Size: 122KB - Virtual size: 121KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 65KB

.reloc Size: 1024B - Virtual size: 376KB

.text
Size: 122KB - Virtual size: 121KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 65KB

.reloc
Size: 1024B - Virtual size: 376KB