35d9ae0a147454a412f6bb2e2bfeb338_JaffaCakes118

General

Target

35d9ae0a147454a412f6bb2e2bfeb338_JaffaCakes118
Size

62KB
MD5

35d9ae0a147454a412f6bb2e2bfeb338
SHA1

558af31d4af116e9fd8f66af7d6df33f718d6f0a
SHA256

c7e8c0d97873f7e82798f5ca9183aa6356593ab3bdc46ea28432c866ea6d9133
SHA512

24edff71b410c1f73b3c654faee73c9053fb4d289fac79ee2899323501b7ac9bee71a22f73b517dbfb9b1ba3a91c08ca6a6e8ff0e0da25fdd3dfda2a20ce25cc
SSDEEP

1536:13FNfFNfGiAkbFm7vypTPBIMCwkHST8IRWuMv:1yiAKFmTyp6VwmK8IRu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d9ae0a147454a412f6bb2e2bfeb338_JaffaCakes118

Files

35d9ae0a147454a412f6bb2e2bfeb338_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfe0b2a48469ea4c90ce2414b43279a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetAtomNameW
VirtualAlloc
lstrcatA
GetTimeZoneInformation
VirtualProtect
SetEvent
GetModuleHandleA
lstrcpyA
FindFirstFileW
ReleaseMutex
HeapReAlloc
lstrcatW
FindResourceW
GetUserDefaultUILanguage
GetModuleFileNameW
GetLastError
lstrcpyW
SetFilePointer
EnterCriticalSection
GetFileTime
SystemTimeToFileTime
MulDiv
MultiByteToWideChar
GetDiskFreeSpaceW

user32

OpenWindowStationA
FindWindowExA
CloseWindowStation
GetWindowTextA
GetCursorPos
GetWindowLongA
LoadCursorA
SetThreadDesktop
CloseDesktop
OpenDesktopA
SendMessageA
GetKeyboardState
DispatchMessageA
GetKeyState
GetDlgItemTextA
GetIconInfo
GetClassNameA

advapi32

CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
DuplicateTokenEx
CryptHashData
CryptReleaseContext
GetUserNameW
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA

shlwapi

PathMatchSpecW
wvnsprintfA
PathCombineW
PathFindFileNameW
StrStrW
wnsprintfW
wvnsprintfW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bfe0b2a48469ea4c90ce2414b43279a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 24KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 24KB