375d71a65ee4e1223b488bcf2370ee25_JaffaCakes118

General

Target

375d71a65ee4e1223b488bcf2370ee25_JaffaCakes118
Size

136KB
MD5

375d71a65ee4e1223b488bcf2370ee25
SHA1

11a3b2b28f5506e180c98cc50930aab749ed96e3
SHA256

a23bb619344362a3b4e7261edbe440686151490d530e45b14d827011cc8c902b
SHA512

ea522a05cfddbdbd2e4fbf6fc5096650156f758f9aa88827028ce0c8ef1191c7a0c00312b1fd33e7aef53cdf30c3208da5ca91281290c14f34c15930eeb63798
SSDEEP

96:po2Hs70nZ0qHs70nZ0jJCTKRFd1selJ43wnO2RGDTAvRCLV:aD4Z0/4Z0jJfd1xJ3RMTsRCh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
375d71a65ee4e1223b488bcf2370ee25_JaffaCakes118

Files

375d71a65ee4e1223b488bcf2370ee25_JaffaCakes118
.exe windows:0 windows x86 arch:x86

e4a31882b0b8b39bb2a5fc0f8e6cf95c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
AddConsoleAliasW
AddRefActCtx
BaseCheckAppcompatCache
BaseInitAppcompatCache
BuildCommDCBW
ClearCommBreak
ConvertDefaultLocale
CopyFileExW
CreateEventW
CreateFileA
CreateFileMappingA
CreateHardLinkW
CreateIoCompletionPort
CreateJobSet
CreateMutexA
CreateNamedPipeW
CreateSocketHandle
CreateThread
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DebugSetProcessKillOnExit
DeleteTimerQueueEx
EnumSystemLocalesA
ExitThread
ExpandEnvironmentStringsW
FindActCtxSectionGuid
FindFirstVolumeMountPointA
FindVolumeClose
FoldStringA
FormatMessageW
FreeConsole
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetAtomNameA
GetCalendarInfoA
GetConsoleAliasA
GetConsoleAliasesW
GetConsoleCharType
GetConsoleKeyboardLayoutNameW
GetConsoleNlsMode
GetConsoleProcessList
GetCurrencyFormatA
GetCurrentConsoleFont
GetDateFormatA
GetExpandedNameA
GetFirmwareEnvironmentVariableW
GetFullPathNameA
GetHandleContext
GetLinguistLangSize
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExA
GetNextVDMCommand
GetNumaProcessorMap
GetPrivateProfileStringW
GetProcAddress
GetProcessIoCounters
GetProcessShutdownParameters
GetProfileIntA
GetProfileIntW
GetStartupInfoA
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetThreadContext
GetThreadTimes
GetTimeZoneInformation
GetVolumePathNameW
GlobalFindAtomW
GlobalFree
GlobalUnlock
HeapDestroy
HeapValidate
InterlockedExchangeAdd
InterlockedPopEntrySList
IsBadHugeWritePtr
IsBadStringPtrA
IsBadWritePtr
IsDBCSLeadByte
IsDebuggerPresent
IsWow64Process
LCMapStringA
LZRead
LoadLibraryA
LocalFlags
LockFileEx
MapUserPhysicalPagesScatter
MapViewOfFileEx
NlsGetCacheUpdateCount
OpenDataFile
OpenSemaphoreW
PeekConsoleInputW
PrepareTape
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadConsoleInputW
RemoveLocalAlternateComputerNameA
ResumeThread
RtlFillMemory
SearchPathW
SetCommConfig
SetCommMask
SetCommTimeouts
SetConsoleCursor
SetConsoleCursorPosition
SetConsoleFont
SetConsoleLocalEUDC
SetConsoleNumberOfCommandsA
SetConsoleOS2OemFormat
SetConsolePalette
SetConsoleTitleA
SetDllDirectoryA
SetFilePointer
SetProcessAffinityMask
SetSystemTime
SetTapeParameters
SetThreadIdealProcessor
SetUserGeoID
SetVolumeMountPointW
SwitchToThread
TerminateThread
Thread32First
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFileEx
UpdateResourceW
ValidateLocale
VerifyConsoleIoHandle
VerifyVersionInfoA
WTSGetActiveConsoleSessionId
WaitNamedPipeW
WinExec
WriteConsoleW
WriteFile
WritePrivateProfileSectionA
WritePrivateProfileStringW
ZombifyActCtx
_lcreat
_lwrite
lstrcmp
lstrcmpiA
lstrcpynW
lstrlen

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4a31882b0b8b39bb2a5fc0f8e6cf95c

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB