82e3060e99dbacdcc8f57a45ba3a6d9e_JaffaCakes118

General

Target

82e3060e99dbacdcc8f57a45ba3a6d9e_JaffaCakes118
Size

148KB
MD5

82e3060e99dbacdcc8f57a45ba3a6d9e
SHA1

43752d70a00c6d33a4052f946cd5ac48e2909697
SHA256

a70fc544fd76d068158a8d86bad3130ed112134462786c85a05f5375740eddad
SHA512

03217487dd8efc45111ad8cf9fe0ff2fc09e9a512ba8e71536675639b5e61a67b077da8f75a068aaa2c63e0961dfb87535bff8e7430c234cf4cd596f01950e90
SSDEEP

3072:+SSRG8ACT3lF9tjczQS7DSZM621iMBfIk9i6QOPQIy2G1B3H90o3:+FCCT3FpQDQ21zNcdOIIy2SHeo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82e3060e99dbacdcc8f57a45ba3a6d9e_JaffaCakes118

Files

82e3060e99dbacdcc8f57a45ba3a6d9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6bab95cdd793629a67ffd04ac558e21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
ExpandEnvironmentStringsW
GetLastError
GetTickCount
WideCharToMultiByte
CreateEventW
lstrcatA
GetSystemTime
GetFileSize
VirtualProtect
Sleep
lstrcatW
ReleaseMutex
MulDiv
TryEnterCriticalSection
GetFileAttributesA
FindResourceW
CloseHandle
CopyFileW
LoadLibraryA
GetModuleHandleA
lstrcpyW
GetSystemTimeAsFileTime
CreateProcessW
GetEnvironmentVariableW
GetFileAttributesW
CreateThread
CreateFileA
GetCommandLineA
WaitForSingleObject
GetCurrentThreadId
VirtualAlloc
GetProcAddress
GetVersionExW

advapi32

RegCreateKeyExA
CryptCreateHash
CryptDestroyHash
GetUserNameW
RegSetValueExA
DuplicateTokenEx
RegDeleteValueA
CryptGetHashParam
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
CryptHashData
CryptReleaseContext

shlwapi

PathFileExistsW
PathMatchSpecW
StrStrW
wnsprintfW
wvnsprintfA
wvnsprintfW
PathCombineW
StrCmpNIA
wnsprintfA
StrCmpNIW
PathFindFileNameW
PathRemoveFileSpecW

user32

GetWindowThreadProcessId
GetWindowLongA
GetDlgItem
CloseDesktop
PeekMessageA
GetForegroundWindow
FindWindowExA
OpenWindowStationA
CloseWindowStation
EndDialog
ToUnicode
GetKeyState
GetClipboardData
CharLowerBuffA
OpenDesktopA

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6bab95cdd793629a67ffd04ac558e21

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

user32

Sections

.text Size: 61KB - Virtual size: 60KB

.data Size: 1KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 982B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 61KB - Virtual size: 60KB

.data
Size: 1KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 982B

.rsrc
Size: 2KB - Virtual size: 2KB