e8a7fb625b767134fa23ebcce1067e1a_JaffaCakes118

General

Target

e8a7fb625b767134fa23ebcce1067e1a_JaffaCakes118
Size

46KB
MD5

e8a7fb625b767134fa23ebcce1067e1a
SHA1

0d8326afee4cd6491afb2a244fdc46929ee659d5
SHA256

901dbf33d9da15e2d03023547218a541de339eeb57e5b5322c58e223951faad3
SHA512

dbed1d819accd73214c1f12a6c9f36b51ab8ab63a12ca966cc6395978e4034b1a76858ecd0dc7d2eedcff8011405d3d4c4b31c3f9c40a05a0d1ba5c993cd98d2
SSDEEP

768:MeYXuycNKjmk1aa6/1tA6eM8msjBJoNp5/19TV6gy6rtKAsIuE8BdzDFzQCdDAFC:6ZjmkMAG8mJdt9p+AtKATuE8BRpUcD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8a7fb625b767134fa23ebcce1067e1a_JaffaCakes118

Files

e8a7fb625b767134fa23ebcce1067e1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

24e34decd6b4b19521c2805ca24f9ebe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseDesktop
EndDialog
LoadCursorW
GetIconInfo
OpenWindowStationA
GetDlgItemTextW
GetForegroundWindow
DrawIcon
GetClassNameW
SendMessageW
GetMessageW
ToUnicode
GetKeyboardState
OpenDesktopA
SetThreadDesktop
GetDlgItem
GetMessageA
MsgWaitForMultipleObjects
GetClipboardData
GetKeyState
ExitWindowsEx
GetWindowThreadProcessId
PeekMessageW
FindWindowExW
SetProcessWindowStation
GetWindowTextW
PeekMessageA
DispatchMessageW
CloseWindowStation
GetDlgItemTextA
GetCursorPos
GetWindowLongW
CharLowerBuffA

kernel32

GetCurrentThreadId
ReadFile
MultiByteToWideChar
GlobalUnlock
GetVersionExW
GetCurrentProcessId
SetFileAttributesW
CopyFileW
OpenProcess
LeaveCriticalSection
FindResourceW
GetModuleFileNameA
CreateDirectoryW
GetFileTime
SetEvent
SetLastError
ExpandEnvironmentStringsW
GetProcessHeap
OpenMutexW
GetDriveTypeW
WideCharToMultiByte
HeapFree
lstrcpyW
GetExitCodeProcess
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrcmpiW
GetTimeZoneInformation
lstrcpyA
GetProcessTimes
ReleaseMutex
WriteFile
CreateThread
GetTempFileNameW
GetFileSizeEx
SystemTimeToFileTime
WaitForSingleObject
GetLogicalDrives
MapViewOfFile
lstrcatA
lstrlenW
HeapReAlloc
FindFirstFileW
HeapAlloc
GetSystemTime
GetComputerNameW
GetSystemTimeAsFileTime
SetEndOfFile
GetTempPathW
CreateFileW
DisconnectNamedPipe
CloseHandle
WriteProcessMemory
FindClose
GetFileSize
Sleep
CreateFileMappingW

Sections

.qbqt
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ahux
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtafkd
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24e34decd6b4b19521c2805ca24f9ebe

Headers

File Characteristics

Imports

user32

kernel32

Sections

.qbqt Size: 36KB - Virtual size: 56KB

.ahux Size: 2KB - Virtual size: 4KB

.qtafkd Size: 7KB - Virtual size: 76KB

.qbqt
Size: 36KB - Virtual size: 56KB

.ahux
Size: 2KB - Virtual size: 4KB

.qtafkd
Size: 7KB - Virtual size: 76KB