054c639fc8f7e707ed0a4a3d96ed4d43_JaffaCakes118

General

Target

054c639fc8f7e707ed0a4a3d96ed4d43_JaffaCakes118
Size

303KB
MD5

054c639fc8f7e707ed0a4a3d96ed4d43
SHA1

21569e7a97983c41d784a281c8b929af4e69139c
SHA256

980407a0546534363f2f1546863c49562f1ca8aff3ea5cea129dccdcded48385
SHA512

61eef17a4656d3f543dcb084217dc1070c47e6f00aa79d05a7c2964b6d70efda789474c90c45f624543ae87def41b3e5cb99a57e428d708a9c1a861bea99dcc1
SSDEEP

6144:BHAIdl09Dmo1qESGD/drEWidqbhTaAPAxkjh2uwAVzurtjZ:BZc1cWFEWSqbhTaAPmkt2u/S5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
054c639fc8f7e707ed0a4a3d96ed4d43_JaffaCakes118

Files

054c639fc8f7e707ed0a4a3d96ed4d43_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32cb827b31cc54b644814207d389b35f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
GetKeyboardState
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
LoadCursorW
ToUnicode
OpenWindowStationA
CloseWindowStation
GetClassNameW
EndDialog
PeekMessageW
SetThreadDesktop
DispatchMessageW
FindWindowExW
GetWindowLongW
GetKeyState
CharLowerBuffA
GetDlgItemTextA
CloseDesktop
DrawIcon
SetProcessWindowStation
OpenDesktopA
GetCursorPos
GetWindowTextW
GetForegroundWindow
ExitWindowsEx
GetIconInfo
SendMessageW
GetClipboardData
GetDlgItem
GetWindowThreadProcessId
GetMessageW

kernel32

CreateFileW
lstrcatW
LeaveCriticalSection
lstrlenW
DeleteFileW
lstrlenA
FindClose
EnterCriticalSection
GetSystemTime
FlushFileBuffers
CreateThread
CreateEventW
GetTickCount
GetSystemTimeAsFileTime
GetDriveTypeW
lstrcpyA
MultiByteToWideChar
GetThreadPriority
SetLastError
SetFileAttributesW
OpenProcess
UnmapViewOfFile
InitializeCriticalSection
lstrcatA
GetCommandLineA
lstrcpyW
HeapReAlloc
HeapAlloc
WriteFile
CreateMutexW
GetProcessHeap
IsBadReadPtr
CreateDirectoryW
SetEvent
FindResourceW
GetFileTime
GetCurrentProcessId
MoveFileExW
ReadFile
GlobalUnlock
GetUserDefaultUILanguage
SystemTimeToFileTime
DisconnectNamedPipe
lstrcpynW
GetModuleFileNameA
CopyFileW
SetFilePointer
GetModuleFileNameW
GetExitCodeProcess
SetThreadPriority
Sleep
WaitForSingleObject
GetComputerNameW
GetTimeZoneInformation
GetLastError
HeapFree
CreateProcessW

Sections

.fmfkb
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lgv
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fqdox
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32cb827b31cc54b644814207d389b35f

Headers

File Characteristics

Imports

user32

kernel32

Sections

.fmfkb Size: 39KB - Virtual size: 61KB

.lgv Size: 2KB - Virtual size: 5KB

.fqdox Size: 7KB - Virtual size: 80KB

.fmfkb
Size: 39KB - Virtual size: 61KB

.lgv
Size: 2KB - Virtual size: 5KB

.fqdox
Size: 7KB - Virtual size: 80KB