0a8f5aaa04d7e1e9a7d885904ea088e6_JaffaCakes118

General

Target

0a8f5aaa04d7e1e9a7d885904ea088e6_JaffaCakes118
Size

81KB
MD5

0a8f5aaa04d7e1e9a7d885904ea088e6
SHA1

935ff2759450e4b1a813473fa1073e9639d42491
SHA256

662d11f4976998adc2c6e2d3fe7fc0378df14932e1cdfa82669d82fc71b3e956
SHA512

df7813286f13ab0f4161d26f63d337cd0e7756c04528b203df644cafd737db07d7a32c5969a17314a280ab66031e9c8c02d75c6a6b6c0f36d0b544c7cedb27fb
SSDEEP

1536:jdJbEXo9FldowD9THv34MyDCQ8ijjyae8dB9SaHCz1ms+Dkj:xhmo9Fla8RI7pyaeaB9VC4Dk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a8f5aaa04d7e1e9a7d885904ea088e6_JaffaCakes118

Files

0a8f5aaa04d7e1e9a7d885904ea088e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
lstrlenW
GetFileAttributesA
GetFileAttributesW
GetExitCodeProcess
GetACP
lstrcpyW
GetCurrentProcess
SetHandleCount
GetConsoleMode
GetStdHandle
GetCommandLineW
EnterCriticalSection
ExitProcess
GetFileSize
LockResource
ResumeThread
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetProcAddress
VirtualProtect
CreateFileA

ole32

CoMarshalInterface
StgIsStorageFile
CLSIDFromString
MkParseDisplayName
PropVariantCopy
CoUnmarshalInterface
OleRegEnumFormatEtc
StgCreateDocfileOnILockBytes
CreateOleAdviseHolder
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CreateDataAdviseHolder
CreateBindCtx
CoImpersonateClient

version

GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileW
VerQueryValueW

ntdll

RtlRunEncodeUnicodeString
RtlInitializeCriticalSection
NtConnectPort
NlsMbOemCodePageTag
_wcslwr
RtlQueryEnvironmentVariable_U
RtlCreateUnicodeStringFromAsciiz
NtOpenProcess
RtlInitializeCriticalSectionAndSpinCount
RtlGetDaclSecurityDescriptor
NtSetInformationThread
NtUnmapViewOfSection
NtFsControlFile
RtlUnicodeToMultiByteN
NtQueryDirectoryFile
NtEnumerateValueKey
RtlDestroyEnvironment
RtlFreeUnicodeString
RtlAcquireResourceShared

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c992c88ad08ae279cb8d55be9185e12

Headers

File Characteristics

Imports

kernel32

ole32

version

ntdll

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 56KB - Virtual size: 117KB

.idata Size: 8KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 56KB - Virtual size: 117KB

.idata
Size: 8KB - Virtual size: 8KB