JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299

General

Target

JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299
Size

192KB
MD5

494ff3a7ff00cade6e861ec93ad2a299
SHA1

7e1cc006af5e1d1606b2625f6e3788cb8cd1f183
SHA256

a793e45bc5702bcd117fe4efed6095d38933acfde9b91c9e10c3e2d11cd1ff08
SHA512

74d793b358934afad45a94cc39afac9539e077b8d1754f6d202fe4f78ed25b291b344613ed0259c25aca7bcdcebdb95a00ad8ccda4a0151c1fc38852b98ce82f
SSDEEP

3072:nmiMyXlfGaXTmpu8E9XsoLPCrCo0RIyE0qzvv8jsRkZNeVOq4NkgTOliJzsTn7bz:nmwVxX6o8EBKCNOLvWZyMNkow4A/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299

Files

JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299
.exe windows:4 windows x86 arch:x86

a492a535465acf4b6fc3f743774c19c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

GetConsoleOutputCP
CreateFileW
FreeEnvironmentStringsA
GetCurrentThreadId
WriteConsoleW
IsValidCodePage
WriteFile
SetProcessAffinityMask
LCMapStringA
GetSystemTimeAsFileTime
MoveFileW
SetEndOfFile
TerminateThread
GetModuleFileNameW
DeleteCriticalSection
ReadFile
InterlockedDecrement
GetEnvironmentStrings
GlobalLock
CreateFileA
WriteConsoleA
GetCPInfo
OutputDebugStringW
WaitForSingleObject
GetCurrentProcessId
EnumResourceTypesA
LCMapStringW
Sleep
GetACP
FreeEnvironmentStringsW
CreateEventW
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
LoadLibraryA
FlushFileBuffers
GetProfileIntA
GetOEMCP
SetEvent
InterlockedIncrement
QueryPerformanceCounter
WaitForMultipleObjects
CreateProcessW
GlobalAlloc
GetLocalTime
GetEnvironmentStringsW
GlobalUnlock

ole32

CoMarshalHresult
CoSetProxyBlanket
CoInitializeEx
CoQueryProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
CoUninitialize
StringFromGUID2

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a492a535465acf4b6fc3f743774c19c9

Headers

File Characteristics

Imports

imm32

kernel32

ole32

Sections

.text Size: 121KB - Virtual size: 121KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 376KB

.text
Size: 121KB - Virtual size: 121KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 376KB