f94050e6245132ac6fbffc77d5955f4d_JaffaCakes118

General

Target

f94050e6245132ac6fbffc77d5955f4d_JaffaCakes118
Size

192KB
MD5

f94050e6245132ac6fbffc77d5955f4d
SHA1

5ea83c94f4f617682fafc192c9e368f2f5e427ac
SHA256

5dae77a0cb286a0ed1e430bdc78c4bd986f3217a3d1c7413997a71b455071c56
SHA512

ed63c3e006836e19ec19edd55859107d87df65333e8d70acc9d255ebe153cc90a1a64ca2cc375891a9dd5d4fad217a77d1be1b7e543a492697470077a08ae9f9
SSDEEP

3072:rKtHuR794y5aCsHXeuuISPXS7hlIzF0jEA21tiNuvR17doa3pOR2vLadLduFwa7O:rKtHY79J5anHXPu9S0zFM9M0NuvRnL3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f94050e6245132ac6fbffc77d5955f4d_JaffaCakes118

Files

f94050e6245132ac6fbffc77d5955f4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5142d76f76d8d364e137eba3d64ee311

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
CreateFileA
FlushFileBuffers
SetProcessAffinityMask
LoadLibraryA
CreateFileW
LCMapStringA
MoveFileW
GetStringTypeW
DeleteCriticalSection
SetEndOfFile
CreateProcessW
WriteConsoleA
FreeEnvironmentStringsW
GlobalAlloc
GetCurrentProcessId
TerminateThread
GetSystemTimeAsFileTime
WriteFile
SetStdHandle
GetLocaleInfoA
ReadFile
Sleep
CreateEventW
FreeEnvironmentStringsA
InterlockedIncrement
EnumResourceTypesA
GetStringTypeA
LCMapStringW
GetModuleFileNameW
WriteConsoleW
GetOEMCP
GetEnvironmentStringsW
WaitNamedPipeA
OutputDebugStringW
GetCurrentThreadId
SetEvent
GetConsoleOutputCP
GetCPInfo
WaitForMultipleObjects
GetLocalTime
WaitForSingleObject
GetACP
InterlockedDecrement
IsValidCodePage
QueryPerformanceCounter
GetEnvironmentStrings
GlobalUnlock

imm32

ImmAssociateContext

ole32

CoMarshalHresult
CoSetProxyBlanket
CoTaskMemFree
CoQueryProxyBlanket
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoUninitialize
StringFromGUID2

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5142d76f76d8d364e137eba3d64ee311

Headers

File Characteristics

Imports

kernel32

imm32

ole32

Sections

.text Size: 121KB - Virtual size: 120KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 67KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 376KB

.text
Size: 121KB - Virtual size: 120KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 67KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 376KB