b64c4763f7c82ab2d977f11a843acb51_JaffaCakes118

General

Target

b64c4763f7c82ab2d977f11a843acb51_JaffaCakes118
Size

113KB
MD5

b64c4763f7c82ab2d977f11a843acb51
SHA1

82d194c45bb27403d833dc4f20f8ada413f0b66a
SHA256

d2ca6835fb148b726465e594dacded3dd058498a4f02f15a5785235e7bb3c148
SHA512

895599b0117a61adb9f883d81858036e68abd5a39528b022f1146646271893e50c4a6dc3ae58e0d9cb97c3b4005273d8ce14bfd26ae08a39f7b6e0ee25dd0156
SSDEEP

3072:vJcwEFfzrwfyyKRl6R5rRHjNGn/YF8l0mOmU+ll:vmFfwfbKRkSn/YFI0mFU+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b64c4763f7c82ab2d977f11a843acb51_JaffaCakes118

Files

b64c4763f7c82ab2d977f11a843acb51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73eee3b4ea39781d338bf670946b3e1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
TlsFree
GetModuleFileNameA
VirtualAlloc
GetDriveTypeA
TlsSetValue
TlsGetValue
IsValidCodePage
GetACP
TlsAlloc
GetCurrentProcess
GetLogicalDrives
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
Sleep
GetCurrentThread
lstrcatA
GetCurrentProcessId
lstrcmpA
GetCommandLineA

user32

GetFocus
GetSystemMetrics
RegisterClassA
UpdateWindow
BeginPaint
GetWindowTextLengthA
GetDC
GetWindowLongA
ReleaseDC
CreateWindowExA
OpenIcon
GetWindowDC
GetForegroundWindow
GetClassLongA
GetWindow
GetWindowTextA
IsWindowVisible
ShowWindow
GetActiveWindow

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
IsTextUnicode
GetUserNameA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
VerLanguageNameA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73eee3b4ea39781d338bf670946b3e1a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 100KB

.rsrc Size: 2KB - Virtual size: 72KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 100KB

.rsrc
Size: 2KB - Virtual size: 72KB