165c40bac83ff62c40883bc2d6ed6456_JaffaCakes118

General

Target

165c40bac83ff62c40883bc2d6ed6456_JaffaCakes118
Size

80KB
MD5

165c40bac83ff62c40883bc2d6ed6456
SHA1

d9efca32bc858c83ec3903cc895e96f41ed4bf4a
SHA256

001fe4d208c4c11f39802684224c915caddf5eb97cc2642ac612ad67db5a3a8e
SHA512

dd2f39714e2afd1ca12a0d6906e2a05cf5282033529ec99141d10ed4de577c9a7ad028520b0b8bd6f59456a64fb4e97797029e99ce43ae5f6c82c2386f766fcd
SSDEEP

1536:ozRIPfy7ff5pvavEGAdK6dfE+eK7LiT5Q2M0zRMQ:M8fyzyvEGAvpE+v3Yq2M0zCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
165c40bac83ff62c40883bc2d6ed6456_JaffaCakes118

Files

165c40bac83ff62c40883bc2d6ed6456_JaffaCakes118
.exe windows:5 windows x86 arch:x86

638b95f9adb96c571faee887d23c17ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
MultiByteToWideChar
Sleep
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
lstrlenA
GetSystemTimeAsFileTime
InterlockedExchange
FormatMessageA
LoadLibraryA
GetCurrentThreadId
GlobalUnlock
GetStringTypeExW
FreeLibrary
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GlobalLock
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
GetCurrentProcessId
WideCharToMultiByte

user32

CharUpperW
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DeleteMenu
DrawIcon
GetWindowThreadProcessId
CharUpperA
GetClientRect
SetFocus
FindWindowA
SetForegroundWindow
EnableWindow
GetParent
AttachThreadInput
CharLowerW
CharLowerA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
WinHelpA
GetSystemMetrics
LoadIconA

comctl32

ord17

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

638b95f9adb96c571faee887d23c17ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 992B

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 992B