e79d230f0e633f62747aa25b8a997fea_JaffaCakes118

General

Target

e79d230f0e633f62747aa25b8a997fea_JaffaCakes118
Size

46KB
MD5

e79d230f0e633f62747aa25b8a997fea
SHA1

e6a78634b2d77624ef43f19e0c5c46eed3fb18d6
SHA256

33d5bad8d7b1c628086b7caf36c444f59dafc1053e92e000df448462ba767a6c
SHA512

b239049f7e8de8d59a9a954f232be53d321be2db3a436146135a3014bf9ea21e0af7618cbd7c41a9389eaac614b14922fda451faa5031c885aba28b1cf92d8f0
SSDEEP

768:z61kDl/SZGOvLN0n4kNFojEvVaNopkE13MxyjFbypzU0bI5dvtATlNqjmMT:qkxaZHvLa4uoHO3M4jFbyK/5Nt8bq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e79d230f0e633f62747aa25b8a997fea_JaffaCakes118

Files

e79d230f0e633f62747aa25b8a997fea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ca323ce9b654bfb1299d1196544160f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
GetWindowLongW
OpenWindowStationA
GetDlgItemTextA
PeekMessageA
FindWindowExW
GetDlgItemTextW
DispatchMessageW
GetClassNameW
GetKeyState
GetWindowTextW
GetKeyboardState
LoadCursorW
DrawIcon
CharLowerBuffA
GetMessageW
SetProcessWindowStation
GetDlgItem
MsgWaitForMultipleObjects
GetCursorPos
ExitWindowsEx
GetWindowThreadProcessId
GetClipboardData
CloseWindowStation
CloseDesktop
GetMessageA
SendMessageW
PeekMessageW
OpenDesktopA
EndDialog
SetThreadDesktop
ToUnicode
GetForegroundWindow

kernel32

GetLastError
CreateProcessW
WriteProcessMemory
lstrcpyA
OpenMutexW
GetModuleHandleA
SetLastError
GetModuleFileNameW
MoveFileExW
GetComputerNameW
HeapAlloc
LeaveCriticalSection
SetFileTime
lstrlenA
GetLocalTime
IsBadReadPtr
MultiByteToWideChar
GetSystemTime
SetFilePointer
FindClose
GetTickCount
lstrcatW
EnterCriticalSection
GetVersionExW
DisconnectNamedPipe
GetModuleFileNameA
FindNextFileW
OpenProcess
GetDriveTypeW
GetLogicalDrives
GetSystemTimeAsFileTime
lstrcpynW
InitializeCriticalSection
HeapFree
CloseHandle
CreateThread
MapViewOfFile
WaitForSingleObject
GetProcessHeap
GetTimeZoneInformation
GetFileSizeEx
HeapReAlloc
GetTempPathW
SetEvent
DeleteFileW
lstrcatA
GlobalUnlock
WideCharToMultiByte
lstrcmpiW
FindFirstFileW
WriteFile
GetProcessTimes
UnmapViewOfFile
GetUserDefaultUILanguage
SetEndOfFile
GlobalLock
GetFileSize

Sections

.onqhcl
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hst
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jodsd
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ca323ce9b654bfb1299d1196544160f

Headers

File Characteristics

Imports

user32

kernel32

Sections

.onqhcl Size: 36KB - Virtual size: 56KB

.hst Size: 2KB - Virtual size: 4KB

.jodsd Size: 7KB - Virtual size: 76KB

.onqhcl
Size: 36KB - Virtual size: 56KB

.hst
Size: 2KB - Virtual size: 4KB

.jodsd
Size: 7KB - Virtual size: 76KB