349e45f1d57a2a92134fc90737525e38_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

349e45f1d57a2a92134fc90737525e38_JaffaCakes118
Size

59KB
MD5

349e45f1d57a2a92134fc90737525e38
SHA1

343df2347e628be45eb29520fa2b6e7f409c4483
SHA256

d3b02060e5206b727a39ea115875d354e7ac3635b8964e578657b72166f10687
SHA512

19456e167853757ec568805252784917a970abaabd7c1444af884829274fbccf6233ad64e28beb2af8901335db9f7854c0a1fb0d8b386f81d4016cd4e4448706
SSDEEP

1536:7pgEa7f778YqcHRZNX5tcITrTrgCc+bDJvHDyU7KlYyJf:tRmsYqyNX5tTTrgTYjyUhyJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
349e45f1d57a2a92134fc90737525e38_JaffaCakes118

Files

349e45f1d57a2a92134fc90737525e38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96169ea53a49a7e02b6c3bbae8860cd5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
VirtualProtect
GetModuleFileNameW
GetTickCount
lstrcpyW
lstrlenA
SetEvent
VirtualAlloc
GetFileAttributesA
GetModuleHandleA
lstrcmpiW
HeapReAlloc
GetProcAddress
SystemTimeToFileTime
WaitForSingleObject
GetFileAttributesW
MultiByteToWideChar
Sleep
GetFileSizeEx
GlobalUnlock
GetLocalTime
GetVersionExW
CloseHandle

user32

GetClassNameA
MsgWaitForMultipleObjects
SetProcessWindowStation
GetWindowThreadProcessId
OpenDesktopA
GetMessageA
OpenWindowStationA
CloseWindowStation
ExitWindowsEx
SendMessageA
GetIconInfo
GetKeyState
GetWindowLongA
GetDlgItem
ToUnicode

advapi32

CryptReleaseContext
DuplicateTokenEx
RegSetValueExA
CryptDestroyHash
RegDeleteValueA
CryptGetHashParam
GetUserNameW
CryptHashData
RegQueryValueExA
CryptAcquireContextW

shlwapi

PathCombineW
PathRemoveFileSpecW
PathMatchSpecW
StrCmpNIW
wnsprintfW
wvnsprintfA
wnsprintfA
PathFindFileNameW
SHDeleteKeyA
StrStrW
StrCmpNIA

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE