0143225cef402ba2064fdbc99cd3d39c_JaffaCakes118

General

Target

0143225cef402ba2064fdbc99cd3d39c_JaffaCakes118
Size

119KB
MD5

0143225cef402ba2064fdbc99cd3d39c
SHA1

0e373f9352b807c9abba659842a3c09afa6c02da
SHA256

d2629b76c594e98a5f9c65e169cdc642ca95ffd509efa3bc3ad94fd9577d1507
SHA512

35c278011d6539055268dd6fe10ceefb1c624b5cf8cde1d8f627363f6bc0362af3aa856098b3e52503cd68576dea8c3bf15f603e19bc594740962fa081ccd8cb
SSDEEP

3072:7c+BCcaqukSU1LMDUEJZPR8kOAAzkr7YQYwiko7O:Yjq5SsKRzO0/Vi4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0143225cef402ba2064fdbc99cd3d39c_JaffaCakes118

Files

0143225cef402ba2064fdbc99cd3d39c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d76e8606972bcb3e4fd7ec1a5f1f8345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisconnectNamedPipe
GetUserDefaultLCID
SetEndOfFile
lstrcatA
GetSystemTimeAsFileTime
TerminateProcess
GetFullPathNameW
ConvertFiberToThread
GetDriveTypeW
GetFileInformationByHandle
WaitForMultipleObjects
CreateThread
SetUnhandledExceptionFilter
GetCurrentProcess
CloseHandle
FlushFileBuffers
CreateDirectoryW
FreeEnvironmentStringsA
FindFirstFileW
TlsAlloc
lstrlenA
GetLocalTime
DeleteFileW
GetVersionExA
GetModuleFileNameW
WideCharToMultiByte
LoadLibraryA
PeekNamedPipe
FindCloseChangeNotification
CreateEventA
SwitchToThread
LocalFree
ReadFile
IsDebuggerPresent
ReleaseSemaphore
SetFilePointer
RemoveDirectoryW
WaitForSingleObject
MultiByteToWideChar
CreateNamedPipeA
TlsFree
GetOverlappedResult
GetLastError
GetTickCount
EnumResourceNamesA
GetCurrentProcessId
FindClose
GetSystemDirectoryW
LoadLibraryW
TlsSetValue
ResetEvent
MoveFileW
QueryPerformanceCounter
CreateSemaphoreA
GetStartupInfoA
GetSystemDirectoryA
TlsGetValue
LocalAlloc
InterlockedCompareExchange
GetProcAddress
LeaveCriticalSection
ExitProcess
FindNextFileW
SetEvent
FindFirstChangeNotificationW
FreeLibrary
CreateFileW
Sleep
GetCurrentThread
WriteFile
EnterCriticalSection
DeleteCriticalSection
InterlockedExchange
UnhandledExceptionFilter
FindNextChangeNotification
InitializeCriticalSection
GetCurrentThreadId
ConnectNamedPipe

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76e8606972bcb3e4fd7ec1a5f1f8345

Headers

File Characteristics

Imports

kernel32

oleacc

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 64KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 64KB