180d0abe17141d14841bb755181d1e8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

180d0abe17141d14841bb755181d1e8c_JaffaCakes118
Size

65KB
MD5

180d0abe17141d14841bb755181d1e8c
SHA1

6c88653aeb5dc646790a3599e8b5c255ac66081d
SHA256

3b181d9985a6a1228298c5c3d8c608ff8c42199c52fe35137cad863e9a41f4ad
SHA512

b0dc281f29c02f2d6f1c678ecd3812e6f7a502e23ec6d230ea914a077837bc68fd85515f83fc48f6061e39087d489296cd24eeda0aad60da973919d01ccf9634
SSDEEP

1536:hKNVXtdScgqReZvskRdYRGH/JETLhDtyLIN4shJ:hKNVXkGkRBqhDtyO4WJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
180d0abe17141d14841bb755181d1e8c_JaffaCakes118

Files

180d0abe17141d14841bb755181d1e8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c0e9be4d203502de0c80db9e7dfe3a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
GetIconInfo
GetClipboardData
GetClassNameA
GetDlgItemTextA
EndDialog
GetWindowThreadProcessId
DrawIcon
CloseWindowStation
LoadCursorA
GetWindowLongA
CharLowerBuffA
CloseDesktop
ToUnicode
GetCursorPos
ExitWindowsEx
GetKeyboardState
SetThreadDesktop

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
CryptHashData
CryptAcquireContextW
DuplicateTokenEx
RegCloseKey
CryptCreateHash
CryptReleaseContext

kernel32

WideCharToMultiByte
VirtualAlloc
lstrcatA
VirtualProtect
lstrcpyW
ExpandEnvironmentStringsW
GetSystemTime
MultiByteToWideChar
GetFileAttributesA
GetFileSizeEx
LoadLibraryA
lstrcmpiA
SetFilePointer
InitializeCriticalSection
FindResourceW
ReleaseMutex
HeapReAlloc

shlwapi

PathMatchSpecW
PathFindFileNameW
wnsprintfW
wvnsprintfA
SHDeleteKeyA
PathRemoveFileSpecW
wnsprintfA
PathCombineW
wvnsprintfW
StrCmpNIW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE