08133aed58aff67c3485f44617c4e21e_JaffaCakes118

General

Target

08133aed58aff67c3485f44617c4e21e_JaffaCakes118
Size

61KB
MD5

08133aed58aff67c3485f44617c4e21e
SHA1

7d67611e14d00e012533b766306f86e154b3528b
SHA256

01dd839aa4e1086b71b18c5a42161460fdb0d7f8caf6eb2347276852f8b8e7b3
SHA512

5b8522771ef2570790e26b8d98d25d0e0edb902cb0af6e83dd2cf63e8d0c74688f2c2002479a37e761856615c270483cfdade2960d921ee687800221efc33d32
SSDEEP

1536:PY+G3KbaK9EVDwl8gLjs9GKPltsHd8fFTv4G2+rcFcW:hGavX/s9pWcF7R1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08133aed58aff67c3485f44617c4e21e_JaffaCakes118

Files

08133aed58aff67c3485f44617c4e21e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d5ff6c8965c6d029864177b1ba19282

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
wnsprintfA
wvnsprintfA
PathMatchSpecW
StrStrW
wnsprintfW
PathCombineW
SHDeleteKeyA
PathRemoveFileSpecW
PathFindFileNameW

kernel32

VirtualProtect
VirtualAlloc
Sleep
GlobalLock
GetModuleHandleA
lstrcpynW
ResetEvent
FindResourceW
WideCharToMultiByte
SystemTimeToFileTime
GetDiskFreeSpaceW
SetFilePointer
CreateFileA
CreateMutexW
GetProcAddress
GetFileAttributesA
CreateProcessW
GetLastError
GetFileSizeEx
FindFirstFileW
GetUserDefaultUILanguage
ReleaseMutex

advapi32

CryptAcquireContextW
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
DuplicateTokenEx
CryptReleaseContext
RegCreateKeyExA

user32

GetMessageA
SendMessageA
GetWindowLongA
CloseDesktop
MsgWaitForMultipleObjects
GetCursorPos
GetDlgItemTextA
GetClassNameA
GetWindowTextA
GetForegroundWindow
OpenDesktopA
FindWindowExA
OpenWindowStationA
GetKeyState
GetWindowThreadProcessId
DispatchMessageA
ExitWindowsEx
GetIconInfo

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d5ff6c8965c6d029864177b1ba19282

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

advapi32

user32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB