51ff9b1d1cd1e4908bbea86bd01c6f62_JaffaCakes118

General

Target

51ff9b1d1cd1e4908bbea86bd01c6f62_JaffaCakes118
Size

111KB
MD5

51ff9b1d1cd1e4908bbea86bd01c6f62
SHA1

7470f6f14c4985237093d9b7f3f049b3d7995a2a
SHA256

02e83cab730d920708d6413f048ee972d693a73c49b3a422d25357820257b2f4
SHA512

eb581625b12747da70719c255227e82cfdd4454cb3f0a383321e6fcc964e5e6e52d3941ddde29bc352a1c801872d5211822128f789c4207ff9b9148df2c63fa1
SSDEEP

3072:JRpueyVFfHDSXB0HZ/DiyrEUa3HOwtRajLRK:tu7YByDiyQUcu1LRK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51ff9b1d1cd1e4908bbea86bd01c6f62_JaffaCakes118

Files

51ff9b1d1cd1e4908bbea86bd01c6f62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

791293ad7773123a7a03284fe2946089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
GetUserNameW
RegEnumKeyExA
CryptGetHashParam
CryptHashData
CryptAcquireContextW
RegQueryValueExA
CryptReleaseContext
RegCloseKey
RegCreateKeyExA

shlwapi

PathMatchSpecW
PathCombineW
wnsprintfA
SHDeleteKeyA
wvnsprintfA
PathFileExistsW
StrStrW
StrCmpNIW
wnsprintfW
StrCmpNIA
wvnsprintfW
PathFindFileNameW
PathRemoveFileSpecW

kernel32

ResetEvent
GetTickCount
GetModuleFileNameA
lstrcpynW
lstrcmpiA
lstrcpyW
MultiByteToWideChar
GetLocalTime
GetTimeZoneInformation
ExpandEnvironmentStringsW
GetEnvironmentVariableW
lstrcmpiW
SetFileTime
GetModuleFileNameW
GetFileSizeEx
GetSystemTimeAsFileTime
CreateMutexW
FindClose
CloseHandle
GlobalUnlock
CreateFileA
GetCurrentThreadId
LoadLibraryA
VirtualAlloc
VirtualProtect
GetModuleHandleA

user32

GetClassNameA
GetCursorPos
GetWindowThreadProcessId
GetDlgItemTextA
LoadCursorA
MsgWaitForMultipleObjects
ToUnicode
FindWindowExA
DispatchMessageA
SetThreadDesktop

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 853B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

791293ad7773123a7a03284fe2946089

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shlwapi

kernel32

user32

Sections

.text Size: 61KB - Virtual size: 60KB

.data Size: 1KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 853B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 61KB - Virtual size: 60KB

.data
Size: 1KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 853B

.rsrc
Size: 2KB - Virtual size: 2KB