2e68f5f158c54cecb2f65069adbfca88_JaffaCakes118

General

Target

2e68f5f158c54cecb2f65069adbfca88_JaffaCakes118
Size

61KB
MD5

2e68f5f158c54cecb2f65069adbfca88
SHA1

5869bbca35c09c8ff559fe4e6464e4180a2fb5fa
SHA256

fdd7459fb68641852a0574b45b72333eda53e3f99da78b4884aa12e7ca0bc2b0
SHA512

127da8ba86fdf8697f46da95aeaba58f71aab6f5f24fe430b136852b66b2d774aeee0b53ebde48590b298b9f4324fdbd87868e8e6a88432d9a09ee5d5b55b3cb
SSDEEP

1536:cb2V/hQoKndnYmZU32Ws9lJY+DWqoMxN:5bnud19a+DWvMX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e68f5f158c54cecb2f65069adbfca88_JaffaCakes118

Files

2e68f5f158c54cecb2f65069adbfca88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ede101cac0fe125cff86472560a0fbd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExA
EndDialog
SetThreadDesktop
OpenWindowStationA
ToUnicode
GetDlgItemTextA
GetClipboardData
SendMessageA
SetProcessWindowStation
DrawIcon
GetWindowThreadProcessId
GetKeyboardState
GetKeyState
CloseWindowStation

kernel32

InitializeCriticalSection
lstrcatA
VirtualAlloc
GetFileSizeEx
CopyFileW
CreateThread
FindResourceW
GetModuleHandleA
UnmapViewOfFile
VirtualProtect
HeapFree
GetSystemTime
GetFileSize
LeaveCriticalSection
GetProcAddress
GetSystemTimeAsFileTime
GetLocalTime
GetDiskFreeSpaceW
SetFilePointer
SystemTimeToFileTime
LoadLibraryA
GlobalLock

advapi32

RegDeleteValueA
CryptCreateHash
CryptAcquireContextW
CryptHashData
RegQueryValueExA
RegEnumKeyExA
CryptReleaseContext
RegCloseKey
GetUserNameW
RegCreateKeyExA
CryptGetHashParam
CryptDestroyHash

shlwapi

wvnsprintfA
PathCombineW
PathFindFileNameW
wnsprintfA
PathRemoveFileSpecW
StrCmpNIW
StrCmpNIA
SHDeleteKeyA

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ede101cac0fe125cff86472560a0fbd4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

shlwapi

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB