2a73f4079f532c43e65a5f1872e193db_JaffaCakes118

General

Target

2a73f4079f532c43e65a5f1872e193db_JaffaCakes118
Size

26KB
MD5

2a73f4079f532c43e65a5f1872e193db
SHA1

9ffc7f26d9d339ed2f04c556bdf9c3839cf79176
SHA256

eabf26f35f679f8f166f0733c1996f84558f02fe0bd3e47900c2a76012479aa6
SHA512

96e035cac6a16d2d753cbbcc99823194f01ada7baafeec1de0ebe55b89f9da38593525b6744a55eaf338bb9deb1f794c04e704cf9225617ca57d914c444eb094
SSDEEP

384:1t8wkCQDpQcn8Up6NYJz2D6b+GUGnKyVIPR4Ir1tmI4ROD:1t83CQDpQg6NYNy6dU4VIPRDr1tmTq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a73f4079f532c43e65a5f1872e193db_JaffaCakes118

Files

2a73f4079f532c43e65a5f1872e193db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b95f4c23491b16c821ca2d2be04fa4d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CreateEventA
lstrcatA
WaitForSingleObject
Sleep
CloseHandle
DeleteFileA
ExitThread
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree
lstrlenA
lstrcmpA
WaitForMultipleObjects
ResetEvent
CreateThread
SetEvent
WriteFile
GetSystemDirectoryA
CreateProcessA
SizeofResource
LoadResource
FindResourceA
Process32Next
Process32First
CreateToolhelp32Snapshot
FindClose
GetLastError
GetFileAttributesA

user32

DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
CharUpperA
CloseWindow
DestroyWindow
GetForegroundWindow
wsprintfA
MsgWaitForMultipleObjects

advapi32

RegCreateKeyExA
RegNotifyChangeKeyValue
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b95f4c23491b16c821ca2d2be04fa4d1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 16KB