6f4f820c07e134f8ac6f7ed0d9f8567e_JaffaCakes118

General

Target

6f4f820c07e134f8ac6f7ed0d9f8567e_JaffaCakes118
Size

62KB
MD5

6f4f820c07e134f8ac6f7ed0d9f8567e
SHA1

4699c0e95bc81681f3c2b3f5be5d51419e310bed
SHA256

93e7f4109711d62264dd5c292840556786b308a5014b9ef1691bbbabf4ed9aef
SHA512

cc86fa921a5e0e422b7ae603c901d7459375c75e64b5daf17fe737278d6f2f020f772ae98898734b79ba4b87da4dd7b67844c5a773cda2db193ecef2ba52b09d
SSDEEP

1536:/pptIZWfjqomDaX/kkPBSzjszCcVF0+ekO+Ay/MeF:/Xt3kOX/9Sz+Cv+ekv/MA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4f820c07e134f8ac6f7ed0d9f8567e_JaffaCakes118

Files

6f4f820c07e134f8ac6f7ed0d9f8567e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cb0baece236522521a60f5a43a73ea4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetAtomNameW
lstrcmpiA
GetFileAttributesA
GetModuleHandleA
VirtualProtect
MultiByteToWideChar
HeapAlloc
CloseHandle
GlobalUnlock
ReleaseMutex
LeaveCriticalSection
FindFirstFileW
lstrcatW
GetFileTime
GetModuleFileNameA
FindNextFileW
InitializeCriticalSection
GetSystemTimeAsFileTime
GetSystemTime

advapi32

CryptCreateHash
RegEnumKeyExA
CryptDestroyHash
CryptAcquireContextW
CryptHashData
RegSetValueExA
CryptGetHashParam
RegCreateKeyExA
CryptReleaseContext
RegCloseKey

shlwapi

PathCombineW
PathFileExistsW
wnsprintfW
PathMatchSpecW
PathFindFileNameW
StrCmpNIA
SHDeleteKeyA
PathRemoveFileSpecW
wnsprintfA

user32

GetWindowLongA
SetThreadDesktop
GetClassNameA
GetWindowTextA
ExitWindowsEx
GetMessageA
GetWindowThreadProcessId
MsgWaitForMultipleObjects
SendMessageA
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
FindWindowExA
GetKeyboardState
PeekMessageA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8cb0baece236522521a60f5a43a73ea4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

user32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB