f63de8589967965b51eec1d6438574df_JaffaCakes118

General

Target

f63de8589967965b51eec1d6438574df_JaffaCakes118
Size

49KB
MD5

f63de8589967965b51eec1d6438574df
SHA1

7fa84ec441dce6a9eb21960dff5690cd98babd52
SHA256

f0a6da5feb715e07b7639814e166b5dbb253637821f2de2432df557d788998a0
SHA512

a18fd8b9c270535ec302ed41674a41a41cad2b98f879eba71db6746fe2a5235a6f9a2af9418362ab48dd5aaeed43d71783959e8e6715c7e5168135f561b22353
SSDEEP

768:xXrZepiCTS8+75m8tcVdQjHb2a1yKmlo8bGwDa7UHxV60SIZFSuEGAA7PXDyS:lrgICI08sdQraa4Km5bOmx+W1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f63de8589967965b51eec1d6438574df_JaffaCakes118

Files

f63de8589967965b51eec1d6438574df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b81a951309b0531d9ffd69ad2f065cfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
DispatchMessageW
CharLowerBuffA
GetWindowTextW
GetDlgItem
GetWindowThreadProcessId
PeekMessageW
CloseDesktop
GetKeyState
GetMessageW
SetThreadDesktop
SetProcessWindowStation
OpenWindowStationA
GetWindowLongW
GetDlgItemTextW
SendMessageW
GetMessageA
CloseWindowStation
GetCursorPos
GetKeyboardState
ToUnicode
MsgWaitForMultipleObjects
PeekMessageA
FindWindowExW
GetDlgItemTextA
ExitWindowsEx
LoadCursorW
GetClassNameW
EndDialog
DrawIcon
GetForegroundWindow
GetClipboardData
OpenDesktopA

kernel32

SetEvent
CloseHandle
GetProcessTimes
lstrlenA
GetProcessHeap
GetLogicalDrives
HeapAlloc
SetLastError
lstrcmpiW
IsBadReadPtr
WideCharToMultiByte
GetLocalTime
SetEndOfFile
GetTempPathW
WriteProcessMemory
FindFirstFileW
GetCurrentThreadId
OpenMutexW
WriteFile
InitializeCriticalSection
GetTempFileNameW
FindResourceW
LeaveCriticalSection
MultiByteToWideChar
ResetEvent
FindClose
UnmapViewOfFile
SetFileTime
HeapReAlloc
Sleep
CopyFileW
GetComputerNameW
SetFilePointer
CreateProcessW
lstrcatW
GetDriveTypeW
GetThreadPriority
SetFileAttributesW
GetExitCodeProcess
DisconnectNamedPipe
lstrcmpiA
MoveFileExW
SetThreadPriority
GetCurrentProcessId
HeapFree
GetFileSize
GetModuleFileNameA
GlobalLock
CreateThread
SystemTimeToFileTime
DeleteFileW
MapViewOfFile
GetTimeZoneInformation
CreateFileMappingW
GetModuleHandleA
CreateDirectoryW
lstrcpynW

Sections

.vmdsn
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctazmf
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cxcxiv
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b81a951309b0531d9ffd69ad2f065cfc

Headers

File Characteristics

Imports

user32

kernel32

Sections

.vmdsn Size: 39KB - Virtual size: 61KB

.ctazmf Size: 2KB - Virtual size: 5KB

.cxcxiv Size: 7KB - Virtual size: 80KB

.vmdsn
Size: 39KB - Virtual size: 61KB

.ctazmf
Size: 2KB - Virtual size: 5KB

.cxcxiv
Size: 7KB - Virtual size: 80KB