ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118 | Triage

Sharing

General

Target

ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118
Size

61KB
MD5

ecfc5683afba6e30633111fde4a4ffcf
SHA1

91301f9ba69ed22fc9528d7082587d8cfa57a0e1
SHA256

cdfb50e4461f165cb458278727378d6b87bf43268377cb2d3618ee0ea2fc093e
SHA512

c66290909c15a59d8b6362876608f340909bdbe25a595f1e135e234c7e57ed0b0454872d6384c0a1ec1eaabd1d2109511d5f4ee05fad7e2f2733412b40658eb6
SSDEEP

768:56xDxxIZ+KzFGoLeGgy1scxGD1WRdDsTOxJgw+9SA+ShNwGSMiDPMGdzJ9IrStHV:52bKhN314WfUOxJgwFAXVIorz7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118

Files

ecfc5683afba6e30633111fde4a4ffcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c808a251e9764d4144654c1f6167620

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam
CryptCreateHash
CryptAcquireContextW
RegSetValueExA
RegQueryValueExA
GetUserNameW
DuplicateTokenEx
RegCreateKeyExA
CryptDestroyHash
RegDeleteValueA
RegEnumKeyExA

kernel32

VirtualProtect
VirtualAlloc
lstrlenA
MultiByteToWideChar
Sleep
GlobalUnlock
SystemTimeToFileTime
GetSystemTime
GetSystemTimeAsFileTime
GetFileAttributesW
GetLocalTime
lstrcmpiW
ResetEvent
FindResourceW
GetLastError
GetVersionExW
ExpandEnvironmentStringsW
FindFirstFileW
GetModuleHandleA
GlobalLock

user32

CloseWindowStation
GetWindowLongA
SetProcessWindowStation
OpenDesktopA
MsgWaitForMultipleObjects
SetThreadDesktop
DispatchMessageA
PeekMessageA
GetDlgItemTextA
ToUnicode
LoadCursorA
CloseDesktop
GetMessageA

shlwapi

wvnsprintfA
PathRemoveFileSpecW
PathFileExistsW
StrCmpNIA
StrCmpNIW
PathFindFileNameW
SHDeleteKeyA
StrStrW
PathMatchSpecW
PathCombineW

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE