feb5dbe92184504f7348e90915377ede_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feb5dbe92184504f7348e90915377ede_JaffaCakes118
Size

61KB
MD5

feb5dbe92184504f7348e90915377ede
SHA1

fac199f721abbeeda076c3676afe8b64156789e5
SHA256

4730b43a24ff1429ff43c6f027d97a44f7a8c21846167fd5d470b97e0d752462
SHA512

40897ab347f3c8b9a7e3b2fd095820371b735625a075847b8802081711a0c3ef9ae74866ed6f61a86d2c54bd3e1718197f57944b10e3a57e25479d05bf3b3318
SSDEEP

1536:BS7PK47TbwV2XfDgZJDafznwAHUcpo97yWiDCht:BoZ7TbPD+akAHTpxCht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb5dbe92184504f7348e90915377ede_JaffaCakes118

Files

feb5dbe92184504f7348e90915377ede_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cde8c70db24eaf219a4b393286fced8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
ExitWindowsEx
SetThreadDesktop
LoadCursorA
OpenDesktopA
GetKeyboardState
SendMessageA
EndDialog
DrawIcon
GetWindowLongA
CharLowerBuffA
GetIconInfo
ToUnicode
GetDlgItemTextA
GetClassNameA
MsgWaitForMultipleObjects

kernel32

VirtualAlloc
GlobalUnlock
VirtualProtect
GetVersionExW
OpenMutexW
lstrcatW
lstrlenW
FindNextFileW
GetTimeZoneInformation
CreateProcessW
GetFileAttributesW
FindResourceW
GetSystemTimeAsFileTime
SetFileTime
GetSystemTime
ResetEvent
CreateEventW
WaitForSingleObject
HeapAlloc
lstrcmpiA
SetEvent
MultiByteToWideChar

shlwapi

SHDeleteKeyA
PathRemoveFileSpecW
wnsprintfW
PathFindFileNameW
wvnsprintfA
StrCmpNIA
PathMatchSpecW
StrStrW
wvnsprintfW
wnsprintfA
PathFileExistsW
StrCmpNIW

advapi32

CryptDestroyHash
CryptCreateHash
GetUserNameW
RegEnumKeyExA
DuplicateTokenEx
CryptReleaseContext
CryptGetHashParam
CryptHashData
RegSetValueExA
RegCloseKey
CryptAcquireContextW
RegQueryValueExA
RegCreateKeyExA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE