f0e5a718e1f0742e05dc2ad128d79a4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0e5a718e1f0742e05dc2ad128d79a4a_JaffaCakes118
Size

67KB
MD5

f0e5a718e1f0742e05dc2ad128d79a4a
SHA1

013dbac12438afd1a64c5bbdc7abbe1ab0a27371
SHA256

45dab9c847f033a21160447eb6c1ac0fd452e08bc464f9840b16dc0f382827a1
SHA512

b32d210bd2d305f294a0a7d7e51dc02fe479f91891ad969666943a6e1aa57caabbf80885ef8a2e61d6b7e795f7bcbae2e2d854d7990d0391e7a6b975d8c3984d
SSDEEP

1536:fiNkBnwU/B2aqWshb5jaBwKZpsZHdKO1bOWMAlON/1PtYPt:KNUnw1ffjqLZpkHdhx+9NTYPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0e5a718e1f0742e05dc2ad128d79a4a_JaffaCakes118

Files

f0e5a718e1f0742e05dc2ad128d79a4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

515c78081dd35c7f4aa446b00fae6b77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
GetUserNameW
CryptAcquireContextW
RegQueryValueExA
CryptGetHashParam
RegCloseKey

user32

EndDialog
GetWindowTextA
CharLowerBuffA
MsgWaitForMultipleObjects
GetKeyState
GetWindowLongA
CloseWindowStation
GetDlgItem
SetThreadDesktop
GetWindowThreadProcessId
PeekMessageA
GetClassNameA
CloseDesktop
FindWindowExA
GetForegroundWindow

kernel32

VirtualProtect
VirtualAlloc
GetLocalTime
SystemTimeToFileTime
GetFileAttributesA
CreateEventW
InitializeCriticalSection
GetTickCount
GetModuleFileNameA
lstrlenW
FindClose
EnterCriticalSection
lstrlenA
GetUserDefaultUILanguage
CreateThread
LeaveCriticalSection
GetFileSizeEx

shlwapi

PathMatchSpecW
StrStrW
StrCmpNIA
wvnsprintfW
PathFindFileNameW
StrCmpNIW
PathFileExistsW
SHDeleteKeyA
PathCombineW
PathRemoveFileSpecW
wnsprintfA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE