2c2208d0ea6b3b97dbd5611f2e3c85ef_JaffaCakes118

General

Target

2c2208d0ea6b3b97dbd5611f2e3c85ef_JaffaCakes118
Size

123KB
MD5

2c2208d0ea6b3b97dbd5611f2e3c85ef
SHA1

0c5e9c9a745f0461e076bf76db2a7a147b25a325
SHA256

11beed63a925cad5252e518a187cb3ce1e5b92f3e4284d7c883be34cd7ea6331
SHA512

5b0bd127b4fcaefa7baab8714a05789b8723eeace4b35ff1749ad51cc1840ffc6f0830547969300f8283634d2a37b528ea3640e4f8ce67bd4f3d55f43d2b30e3
SSDEEP

3072:/107UvFUnRTBLtdvZzqVj/zepUQ1+OAR4pnlO+oIKvCRAGoBidb:/E3LtdhUjr3Rdec+nKvCRXos5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2208d0ea6b3b97dbd5611f2e3c85ef_JaffaCakes118

Files

2c2208d0ea6b3b97dbd5611f2e3c85ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc41a0bd7c829f1ebef478c6acd717c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
CryptDestroyHash
RegDeleteValueA
CryptAcquireContextW
GetUserNameW
DuplicateTokenEx
CryptGetHashParam
CryptHashData
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
CryptReleaseContext

shlwapi

PathRemoveFileSpecW
StrStrW
StrCmpNIW
StrCmpNIA
SHDeleteKeyA
wvnsprintfA
PathCombineW
wnsprintfA
PathFileExistsW
wnsprintfW
wvnsprintfW

user32

OpenDesktopA
FindWindowExA
GetKeyState
DispatchMessageA
PeekMessageA
GetWindowThreadProcessId
GetClassNameA
ToUnicode
DrawIcon
GetCursorPos
GetWindowTextA
ExitWindowsEx

kernel32

FindNextFileW
VirtualAlloc
WideCharToMultiByte
GetLocalTime
lstrcatW
TryEnterCriticalSection
GetEnvironmentVariableW
GetAtomNameW
VirtualProtect
CreateProcessW
GetModuleFileNameW
CreateEventW
LoadLibraryA
WaitForSingleObject
CreateMutexW
UnmapViewOfFile
GetProcAddress
lstrcmpiA
GetModuleHandleA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc41a0bd7c829f1ebef478c6acd717c3

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shlwapi

user32

kernel32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 1KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 924B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 1KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 924B

.rsrc
Size: 2KB - Virtual size: 2KB