0dbb9b798edea99c0c383484808c4c2a_JaffaCakes118

General

Target

0dbb9b798edea99c0c383484808c4c2a_JaffaCakes118
Size

49KB
MD5

0dbb9b798edea99c0c383484808c4c2a
SHA1

4e2eff6254fcb07b03f0835ced6a7a107d3631a9
SHA256

29fc80c798758c88f9e26eb40e2da101067f35c0df13bc54112ddcf534dffa9b
SHA512

59d183dc04bf14b9a2cb6d066b592e595ef5b52985fd803ce734573fcf44b4c778892737227d56070bb9678d5fbbde61e44a5cd05431d8437919b8ad39c508d5
SSDEEP

768:qwVexhjeR1v+SNKrDs1mMoD45Lp1v7Ax1KCTWATyfDAsjCk7Lpn6X6dznrY5W:qwsx4jvBr1mt4hv075UfDAsjJn6KJnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dbb9b798edea99c0c383484808c4c2a_JaffaCakes118

Files

0dbb9b798edea99c0c383484808c4c2a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2d207950b1edd2a38980ac463cce195

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
MsgWaitForMultipleObjects
GetForegroundWindow
GetKeyState
DispatchMessageW
SendMessageW
DrawIcon
GetMessageW
CloseDesktop
GetDlgItem
GetDlgItemTextW
GetCursorPos
GetWindowTextW
ToUnicode
LoadCursorW
GetIconInfo
CloseWindowStation
PeekMessageW
GetKeyboardState
GetWindowThreadProcessId
OpenDesktopA
PeekMessageA
GetClassNameW
OpenWindowStationA
CharLowerBuffA
FindWindowExW
GetDlgItemTextA
GetMessageA
GetClipboardData
SetProcessWindowStation
GetWindowLongW
SetThreadDesktop
ExitWindowsEx

kernel32

GetUserDefaultUILanguage
lstrcpyA
CopyFileW
GetTempPathW
GetThreadPriority
lstrcmpiA
lstrcatW
CloseHandle
GetFileTime
lstrcpynW
MultiByteToWideChar
lstrcatA
GetLogicalDrives
ReadFile
GetLastError
SetEndOfFile
SetThreadPriority
HeapFree
CreateEventW
WaitForSingleObject
WideCharToMultiByte
GetCurrentProcessId
lstrcmpiW
GetModuleFileNameA
MoveFileExW
Sleep
FindFirstFileW
FlushFileBuffers
GetProcessTimes
MapViewOfFile
WriteFile
lstrlenW
OpenProcess
OpenMutexW
UnmapViewOfFile
SetFileAttributesW
GetCommandLineA
DeleteFileW
lstrcpyW
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
CreateMutexW
CreateFileMappingW
WriteProcessMemory
GlobalLock
CreateProcessW
SetFileTime
GetDriveTypeW
GetFileSizeEx
GetExitCodeProcess
SystemTimeToFileTime
FindResourceW
GetTempFileNameW
GetComputerNameW
InitializeCriticalSection
GlobalUnlock

Sections

.czeb
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dkz
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dmp
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2d207950b1edd2a38980ac463cce195

Headers

File Characteristics

Imports

user32

kernel32

Sections

.czeb Size: 39KB - Virtual size: 61KB

.dkz Size: 2KB - Virtual size: 5KB

.dmp Size: 7KB - Virtual size: 80KB

.czeb
Size: 39KB - Virtual size: 61KB

.dkz
Size: 2KB - Virtual size: 5KB

.dmp
Size: 7KB - Virtual size: 80KB