14045afffd71fb8dfa01f606a670d77c_JaffaCakes118

General

Target

14045afffd71fb8dfa01f606a670d77c_JaffaCakes118
Size

342KB
MD5

14045afffd71fb8dfa01f606a670d77c
SHA1

e317bf915a5b2a84ed473413b387d6e4d2f6b760
SHA256

06387824193f3235d6a4d17e6d5f4c7752e773a145c173b8797f3842410c5c82
SHA512

e31958834a9c15632b5fbd9e5636df8275a58877eefb6e47cd0eafd43993480cd7175481bef053cd7c5bd2a59d33da09c13a71d3d7d66da0111c7bb938b62459
SSDEEP

6144:yr5AAOSMLzXeGOoy2VXeEpewNT6YJzzDCV63QdW+131DjqlzjiZi99sgvOdSjjNQ:6HfEzXexoPXe2p6Y5zDCs3cWSa1j8i92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14045afffd71fb8dfa01f606a670d77c_JaffaCakes118

Files

14045afffd71fb8dfa01f606a670d77c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3c14349f5c75a4cd8a497b7901a3f83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
OpenWindowStationA
GetDlgItemTextA
GetWindowTextA
GetKeyState
GetIconInfo
OpenDesktopA
SetThreadDesktop
GetDlgItem
ExitWindowsEx
LoadCursorA
ToUnicode
GetMessageA
CloseDesktop
GetKeyboardState
FindWindowExA
GetCursorPos
MsgWaitForMultipleObjects
GetWindowLongA
CharLowerBuffA
GetWindowThreadProcessId

kernel32

GetCommandLineA
VirtualProtect
WaitForSingleObject
FindNextFileW
GetModuleHandleA
TryEnterCriticalSection
CloseHandle
SetFilePointer
GetTimeZoneInformation
GetVersionExW
MultiByteToWideChar
GetFileTime
ReleaseMutex
GetProcAddress
VirtualAlloc
GetFileSize
InitializeCriticalSection
CreateEventW
SetEvent
GetFileAttributesA
GetSystemTime

shlwapi

PathMatchSpecW
wnsprintfA
SHDeleteKeyA
PathFileExistsW
PathRemoveFileSpecW
wnsprintfW
StrCmpNIW
wvnsprintfA
wvnsprintfW
PathCombineW
StrCmpNIA

advapi32

DuplicateTokenEx
RegCloseKey
CryptCreateHash
RegDeleteValueA
GetUserNameW
RegEnumKeyExA
CryptAcquireContextW
RegQueryValueExA
CryptReleaseContext
RegCreateKeyExA

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3c14349f5c75a4cd8a497b7901a3f83

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

shlwapi

advapi32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB