210f1ac72b52dd5ceabe49daa982d824_JaffaCakes118

General

Target

210f1ac72b52dd5ceabe49daa982d824_JaffaCakes118
Size

59KB
MD5

210f1ac72b52dd5ceabe49daa982d824
SHA1

87e0ef92fa1387a8ebbd16fbdcec79e64970dad1
SHA256

a8fd47336eff5aa9d2ffe807582de13bd05d824e502dea1f7861e5652ff19dfb
SHA512

87e626ca69ca0c4f974edf89c327e1e642ebe49e3a59c8235e0e43a9f05f5888923ea898725d3607b18d18168289a6dcb3025adb6521430e8185008fce97491d
SSDEEP

1536:MZ7LIQmXJL/DKN4gP6jFB7ZS5McJ0iMjz:MZ7DmX9GN4gAH7ZDcGiMjz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
210f1ac72b52dd5ceabe49daa982d824_JaffaCakes118

Files

210f1ac72b52dd5ceabe49daa982d824_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e94a0f4a6689f612ae80c7a0275425c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
HeapFree
lstrlenA
VirtualAlloc
GetCommandLineA
EnterCriticalSection
FindNextFileW
CreateFileA
CreateThread
WideCharToMultiByte
GetFileAttributesW
VirtualProtect
GetUserDefaultUILanguage
SetEvent
GlobalUnlock
FindFirstFileW
GetFileSizeEx
GetTickCount
SetFileTime
lstrcmpiW
lstrcatA
WaitForSingleObject
ResetEvent
FindResourceW
InitializeCriticalSection
GetFileSize

advapi32

RegCloseKey
CryptHashData
CryptReleaseContext
DuplicateTokenEx
RegDeleteValueA
GetUserNameW
RegEnumKeyExA
CryptDestroyHash
CryptGetHashParam
RegSetValueExA
CryptCreateHash

user32

GetClassNameA
EndDialog
ToUnicode
FindWindowExA
ExitWindowsEx
SetProcessWindowStation
GetDlgItem
SendMessageA
GetDlgItemTextA
GetWindowThreadProcessId
GetIconInfo
GetKeyboardState
GetForegroundWindow
GetWindowTextA
DrawIcon
CloseDesktop
OpenWindowStationA
GetClipboardData

shlwapi

wnsprintfW
PathRemoveFileSpecW
PathFileExistsW
PathMatchSpecW
wvnsprintfW
SHDeleteKeyA
wnsprintfA
PathFindFileNameW
StrCmpNIA

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e94a0f4a6689f612ae80c7a0275425c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

Sections

.text Size: 58KB - Virtual size: 57KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 58KB - Virtual size: 57KB

.data
Size: 512B - Virtual size: 20KB