2ed543ac0f5c084b4e1f935b5c239a75_JaffaCakes118

General

Target

2ed543ac0f5c084b4e1f935b5c239a75_JaffaCakes118
Size

34KB
MD5

2ed543ac0f5c084b4e1f935b5c239a75
SHA1

b1d8b4434f8fe0b5fefd87bfebd9375d263aa59c
SHA256

bfe9768c4f466691b783d297bc13e0f938e4ccf1fd472cf4fc929545729a92f4
SHA512

0606dada5700e800f9fd15529a216ea83776cacdc2bf8d37ec0438454fb9c9002600b65e722a8bcc13771666e1342399a0db20c3d57c5b575ae5c3ddaa8e5e1d
SSDEEP

768:UTWhTvxqra7fE8a1bh2dqLUgvL89Wrs1S0LY:tlqe7q1bhaqLUyL8Irs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed543ac0f5c084b4e1f935b5c239a75_JaffaCakes118

Files

2ed543ac0f5c084b4e1f935b5c239a75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

702efa9a447f460cee8a37e6c6f6f4d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetModuleFileNameA
GetStartupInfoA
GetTickCount
GetCurrentProcess
GetCurrentProcessId
Sleep
GetProcessHeap
GetCurrentThreadId
ExitProcess
GetProcessTimes
GetLastError
GetCurrentThread
GetPriorityClass
ExitThread
VirtualAlloc
CloseHandle
GetCommandLineA
LoadLibraryA
FreeLibrary
GetThreadPriority

user32

GetWindowTextA
GetWindow
GetForegroundWindow
GetWindowDC
UpdateWindow
GetSystemMetrics
GetDC
GetFocus
GetClassLongA
RegisterClassA
GetActiveWindow
GetWindowLongA
IsWindowVisible
OpenIcon
BeginPaint
ReleaseDC
ShowWindow
GetWindowTextLengthA
CreateWindowExA

advapi32

IsTextUnicode
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

version

GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLS
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

702efa9a447f460cee8a37e6c6f6f4d5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 24KB

.TLS Size: 512B - Virtual size: 40B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 24KB

.TLS
Size: 512B - Virtual size: 40B

.rsrc
Size: 5KB - Virtual size: 4KB