2e921456c3464e4a017dcc63ac7b9c09_JaffaCakes118

General

Target

2e921456c3464e4a017dcc63ac7b9c09_JaffaCakes118
Size

10KB
MD5

2e921456c3464e4a017dcc63ac7b9c09
SHA1

edc2a38ae5a6851c0aa1cb32f3815d772c4a38dc
SHA256

dd0a5d3fe81c6afefe88c947212f3c042444a74ccd995563de32a428e536d695
SHA512

83726c5e9f02c0444ad0f30aa0a5d48eefab6067c046a1baa9c415f783b6d573f704e7eab288bf525f7d8aa5a535f995cb4ae32431947617561d669c250297e2
SSDEEP

192:NNNX1/NxDt4ibfvhh5GCvCimK/u6MVjn4ObNagPY:NNl1FDFrZh5G4DmK/uVVjn4ObNagPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e921456c3464e4a017dcc63ac7b9c09_JaffaCakes118

Files

2e921456c3464e4a017dcc63ac7b9c09_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4fe2e0e4781085224bf2db7381b71cb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitThread
FileTimeToSystemTime
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
GetFileAttributesA
GetFileTime
GetModuleFileNameA
GetModuleHandleA
EnumResourceTypesA
GetVolumeInformationA
GetWindowsDirectoryA
LoadLibraryA
Sleep
SystemTimeToTzSpecificLocalTime
Thread32First
Thread32Next
VirtualAlloc
VirtualProtect
DeviceIoControl
DisableThreadLibraryCalls
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateFileA
GetProcAddress
CloseHandle

user32

GetWindowTextA
GetDlgItemTextA
SendMessageA
GetDC
GetClassNameA
EnumThreadWindows
GetDlgItem
SendDlgItemMessageA

advapi32

GetCurrentHwProfileA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
GetUserNameA

gdi32

GetPixel

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fe2e0e4781085224bf2db7381b71cb9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

shell32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 1024B - Virtual size: 740B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1024B - Virtual size: 740B