e90179cfb1120be4f3ade5c2c5578a77_JaffaCakes118

General

Target

e90179cfb1120be4f3ade5c2c5578a77_JaffaCakes118
Size

193KB
MD5

e90179cfb1120be4f3ade5c2c5578a77
SHA1

0b3d7ca0656d915dc3debc5b5b3df45913d7f56a
SHA256

9d8e49259ce0ace0dff60387ab055fe3772b19291fa7ba3c98f338c508cf5f2b
SHA512

930652d54554e9b5765140ba7af76352759d5fe3be9408a8fab1050e263ebec003f38d8641fc1114da80633e70f060b42381cb17cf7565df52ae024662b72066
SSDEEP

6144:V3iMVHKa9HNwa51sxAEfA4mg/q+TDpXF9JI+M:PhEabIAmmg/rpvq+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e90179cfb1120be4f3ade5c2c5578a77_JaffaCakes118

Files

e90179cfb1120be4f3ade5c2c5578a77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a6206fd5507e2316687ed70c1a0d997

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
InterlockedIncrement
OutputDebugStringW
SetProcessAffinityMask
GetLocalTime
WriteFile
GetEnvironmentStringsW
SetEvent
GetStringTypeA
GlobalLock
QueryPerformanceCounter
LoadLibraryA
WriteConsoleW
WaitForSingleObject
GetACP
LCMapStringA
GetConsoleOutputCP
SetEndOfFile
CreateFileA
CreateProcessW
FreeEnvironmentStringsA
Sleep
GetLocaleInfoA
WaitForMultipleObjects
GetCPInfo
EnumResourceTypesA
GetStringTypeW
GetCurrentThreadId
DeleteCriticalSection
GetCurrentProcessId
GetSystemTimeAsFileTime
ReadFile
SetNamedPipeHandleState
WriteConsoleA
GlobalAlloc
FlushFileBuffers
InterlockedDecrement
SetStdHandle
IsValidCodePage
GetOEMCP
LCMapStringW
CreateEventW
TerminateThread
CreateFileW
FreeEnvironmentStringsW
GetModuleFileNameW
MoveFileW
GlobalUnlock

ole32

CoMarshalHresult
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoQueryProxyBlanket
StringFromGUID2

imm32

ImmAssociateContext

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a6206fd5507e2316687ed70c1a0d997

Headers

File Characteristics

Imports

kernel32

ole32

imm32

Sections

.text Size: 120KB - Virtual size: 120KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 244KB

.text
Size: 120KB - Virtual size: 120KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 244KB