ffb32b1118494e76ec6a612dee1c3030_JaffaCakes118

General

Target

ffb32b1118494e76ec6a612dee1c3030_JaffaCakes118
Size

49KB
MD5

ffb32b1118494e76ec6a612dee1c3030
SHA1

113ad53bd4415bd762d4295e785ffe87123d0892
SHA256

8ecf295f61553710701f02b117a4908fdb0d6923b4c21dc3d5290e466ec5bac7
SHA512

265f15c0a6bc9fb884f86a97cdbbba3372b14eb528a59b3746ec1188cbdc690454d0013581057a927ef85942a475f537892954f4cc0b3a3e2ab236273f2e178e
SSDEEP

768:sVbHBmZYh3lDy9vxhLGKuBqopDYI6o6m6hfHH3SJVLMAfRmnzzgO4u0kPBc2riPl:slQZYh3Bs/GKZOB6h/iJBMAJm/sYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb32b1118494e76ec6a612dee1c3030_JaffaCakes118

Files

ffb32b1118494e76ec6a612dee1c3030_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e9d67da20d74613fee6755f9e080f55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
GetClassNameW
CharLowerBuffA
ToUnicode
GetMessageA
PeekMessageW
GetMessageW
OpenWindowStationA
MsgWaitForMultipleObjects
FindWindowExW
SetProcessWindowStation
OpenDesktopA
GetForegroundWindow
DispatchMessageW
ExitWindowsEx
GetWindowThreadProcessId
GetCursorPos
GetKeyboardState
GetIconInfo
CloseWindowStation
PeekMessageA
GetWindowTextW
GetDlgItemTextA
SetThreadDesktop
SendMessageW
GetWindowLongW
DrawIcon
GetClipboardData
GetKeyState
CloseDesktop
LoadCursorW
EndDialog
GetDlgItemTextW

kernel32

SetFilePointer
GetModuleFileNameA
ResetEvent
InitializeCriticalSection
lstrlenA
CreateFileW
GetTempPathW
GetExitCodeProcess
GetLastError
lstrcatW
FindClose
DisconnectNamedPipe
MoveFileExW
CloseHandle
GlobalUnlock
FindResourceW
WriteProcessMemory
LeaveCriticalSection
CreateThread
SetFileAttributesW
GetDriveTypeW
MultiByteToWideChar
CreateProcessW
HeapAlloc
MapViewOfFile
ReleaseMutex
GetSystemTimeAsFileTime
lstrlenW
GetFileTime
FindFirstFileW
FindNextFileW
lstrcpyA
GetLogicalDrives
SetEvent
GetCommandLineA
WideCharToMultiByte
ExpandEnvironmentStringsW
HeapFree
lstrcatA
GetModuleHandleA
lstrcmpiA
GetUserDefaultUILanguage
SetLastError
GlobalLock
GetFileSizeEx
HeapReAlloc
GetCurrentThreadId
EnterCriticalSection
Sleep
WriteFile
lstrcpynW
GetCurrentProcessId
GetProcessHeap
SetThreadPriority
CreateDirectoryW
GetTimeZoneInformation
GetThreadPriority

Sections

.rmrwx
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tqx
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pqrit
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e9d67da20d74613fee6755f9e080f55

Headers

File Characteristics

Imports

user32

kernel32

Sections

.rmrwx Size: 39KB - Virtual size: 61KB

.tqx Size: 2KB - Virtual size: 5KB

.pqrit Size: 7KB - Virtual size: 80KB

.rmrwx
Size: 39KB - Virtual size: 61KB

.tqx
Size: 2KB - Virtual size: 5KB

.pqrit
Size: 7KB - Virtual size: 80KB