fb54c7ac0ae993f9523f9fb9f24ee8ee_JaffaCakes118 | Triage

Sharing

General

Target

fb54c7ac0ae993f9523f9fb9f24ee8ee_JaffaCakes118
Size

67KB
MD5

fb54c7ac0ae993f9523f9fb9f24ee8ee
SHA1

adb44a9f810b0ec015048bd8c3a2d172d89de55a
SHA256

6cc66d0c726d2c851223301d58ccee1158ae6a7c09cb0ea186b7a59dea1c1dd0
SHA512

38adc2c281c5fea0a6772f33fd81b1346ba394ecfaf437a9027a9d9b080c7e97986338c434df6a469c72cc9096f1695f21d6099d868b60fc0a2ed738ac4168e1
SSDEEP

1536:CO5Vno30HDKlB57uqQmHw5AmpTUEUYDZSxx+SX:H5do3a6dZRsAmpTU9Lx+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb54c7ac0ae993f9523f9fb9f24ee8ee_JaffaCakes118

Files

fb54c7ac0ae993f9523f9fb9f24ee8ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62ef8f6ae4033f28f8a862765618df1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
CryptHashData
GetUserNameW
CryptGetHashParam
RegSetValueExA
RegCloseKey
CryptDestroyHash

user32

CharLowerBuffA
CloseDesktop
OpenDesktopA
GetCursorPos
GetClipboardData
ToUnicode
GetClassNameA
GetDlgItemTextA
OpenWindowStationA
SetThreadDesktop
SetProcessWindowStation
GetForegroundWindow
GetWindowThreadProcessId
GetWindowTextA
DrawIcon
GetIconInfo
PeekMessageA
GetMessageA

shlwapi

StrCmpNIW
StrStrW
PathFindFileNameW
PathMatchSpecW
wnsprintfW
PathFileExistsW
PathRemoveFileSpecW
PathCombineW
wvnsprintfW
wnsprintfA
StrCmpNIA
wvnsprintfA

kernel32

CloseHandle
GetFileAttributesA
lstrcatA
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
SetFileTime
SetFilePointer
VirtualAlloc
CreateMutexW
CreateProcessW
GetCommandLineA
InitializeCriticalSection
ResetEvent
HeapReAlloc
SetEvent
GetVersionExW
GetModuleHandleA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE