0852dd75249d9060eb22f715d9ba53bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0852dd75249d9060eb22f715d9ba53bf_JaffaCakes118
Size

53KB
MD5

0852dd75249d9060eb22f715d9ba53bf
SHA1

6efd0bcfdfdc565181ccd80f7459f0cadd7b60eb
SHA256

7bf93de40169bf5fd3f1ba15636d6ea113d0a1a47fe32421ba29b456dd916994
SHA512

b99f8f68175b6b8689ecf92a4f4af5ad6deb9cd15c5bea3207aaebfef3129ca30ea8323b7cbd7313810a4ed45e5ed3896674ed92bb4f8454c7678b47d44cec7c
SSDEEP

1536:gxKOvJvc67yy2Qs4YS67STaBuHQJTjdeW2J:Z2DyUslZhBu68VJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0852dd75249d9060eb22f715d9ba53bf_JaffaCakes118

Files

0852dd75249d9060eb22f715d9ba53bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0542cfd3794cf441d0a0c51aced8b70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
lstrcpyW
GetLocalTime
FindNextFileW
FlushFileBuffers
HeapReAlloc
FindFirstFileW
SetEvent
IsBadReadPtr
LeaveCriticalSection
MapViewOfFile
Sleep
lstrcpyA
GetTempFileNameW
HeapAlloc
GetCurrentProcessId
MultiByteToWideChar
GetFileTime
CopyFileW
GlobalUnlock
lstrcatW
CreateMutexW
WriteFile
GetSystemTime
GetDriveTypeW
CreateThread
GetVersionExW
GetLogicalDrives
GetModuleFileNameA
lstrcmpiA
lstrlenW
ReadFile
CloseHandle
GetComputerNameW
FindResourceW
ResetEvent
GetFileSize
CreateDirectoryW
GetCurrentThreadId
OpenProcess
ReleaseMutex
lstrcatA
SetFilePointer
SetThreadPriority
lstrlenA
OpenMutexW
SystemTimeToFileTime
SetFileAttributesW
GetModuleHandleA
GetCommandLineA
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
MoveFileExW
GetThreadPriority
SetLastError
SetEndOfFile
GetLastError
GetFileSizeEx
GetTempPathW
GetUserDefaultUILanguage
EnterCriticalSection
GetProcessTimes
DisconnectNamedPipe
CreateFileW
CreateEventW
SetFileTime
GetModuleFileNameW
lstrcpynW
WriteProcessMemory
GetExitCodeProcess
FindClose
UnmapViewOfFile
GetProcessHeap
CreateProcessW
GetTickCount
WideCharToMultiByte
WaitForSingleObject
HeapFree
InitializeCriticalSection
GetTimeZoneInformation
DeleteFileW
CreateFileMappingW
lstrcmpiW

user32

GetWindowTextW
SetProcessWindowStation
GetClipboardData
GetKeyState
PeekMessageW
GetCursorPos
CharLowerBuffA
ExitWindowsEx

Sections

.gzuhgd
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tgn
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qfmbcr
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xcjsl
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0542cfd3794cf441d0a0c51aced8b70

Headers

File Characteristics

Imports

kernel32

user32

Sections

.gzuhgd Size: 18KB - Virtual size: 39KB

.tgn Size: 5KB - Virtual size: 10KB

.qfmbcr Size: 1024B - Virtual size: 1KB

.xcjsl Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.gzuhgd
Size: 18KB - Virtual size: 39KB

.tgn
Size: 5KB - Virtual size: 10KB

.qfmbcr
Size: 1024B - Virtual size: 1KB

.xcjsl
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB