09fc84c5f203fe207cdfcb051ee8c229_JaffaCakes118

General

Target

09fc84c5f203fe207cdfcb051ee8c229_JaffaCakes118
Size

62KB
MD5

09fc84c5f203fe207cdfcb051ee8c229
SHA1

998c8b88a8534e63c116f939b8ebbd790d404364
SHA256

02b4be6df05bfe56e82c9c334b712b2eac58479335a41b9038fd5cf9677976c0
SHA512

20c9162f04db8ee9807924e1c69aaf3f4f1fb9b228dafa6fd52350930228000419f5552ecb180902d374c2a207d4f1fd90a806ed35d96e17ccb0c08a3772ad42
SSDEEP

1536:dnYaHE6+THyajf37MZE0vZeihdR0zBhT1EbaD02:dYJ6gHr0PvcqoBhBj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09fc84c5f203fe207cdfcb051ee8c229_JaffaCakes118

Files

09fc84c5f203fe207cdfcb051ee8c229_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bf13511bafd8fd73dba8d66fece7d0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
GetCursorPos
GetWindowTextA
GetIconInfo
GetClassNameA
GetDlgItem
CloseWindowStation
SendMessageA
PeekMessageA
SetThreadDesktop
CloseDesktop
GetForegroundWindow
GetClipboardData
FindWindowExA
DispatchMessageA

kernel32

HeapAlloc
UnmapViewOfFile
SetEvent
GetAtomNameW
GetSystemTime
CreateProcessW
VirtualProtect
FindClose
GetLastError
GetModuleHandleA
CopyFileW
lstrlenW
FindResourceW
VirtualAlloc
lstrcpyA
GetCommandLineA
GetModuleFileNameW
lstrcatA
GetFileAttributesA
WideCharToMultiByte
HeapFree
GetEnvironmentVariableW
lstrlenA
FindNextFileW

advapi32

RegEnumKeyExA
CryptAcquireContextW
RegQueryValueExA
CryptCreateHash
RegDeleteValueA
DuplicateTokenEx
GetUserNameW
CryptDestroyHash
CryptHashData
RegCreateKeyExA
RegSetValueExA
CryptReleaseContext

shlwapi

PathFindFileNameW
PathFileExistsW
wnsprintfW
SHDeleteKeyA
wnsprintfA
StrCmpNIA
StrCmpNIW
PathCombineW
wvnsprintfW
PathRemoveFileSpecW
PathMatchSpecW
StrStrW
wvnsprintfA

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2bf13511bafd8fd73dba8d66fece7d0b

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

shlwapi

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB