0f796e8ada7995d08f9fc457e06e3da5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f796e8ada7995d08f9fc457e06e3da5_JaffaCakes118
Size

56KB
MD5

0f796e8ada7995d08f9fc457e06e3da5
SHA1

7c286970f69a991f3b57283405c20717a9d75b05
SHA256

411972a7ef8919a5d5bf828a77bb306e83d071395203bb7f6eb3eb534d834a32
SHA512

788787911874ee2024c68bac41de3dd6cce436123ffd5dcf93cff8810216e7f950e23daf000760f2c2ae924cce800f5781f47540967dd8ada9f0ca93e551d7dc
SSDEEP

1536:20eKfOFF+gLLUh6fi8jyR7aWw6boZa6QrK3C6:XJ+LQmKRdcS6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f796e8ada7995d08f9fc457e06e3da5_JaffaCakes118

Files

0f796e8ada7995d08f9fc457e06e3da5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

73d1d9559af5330008b81e5b9e6ad527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
CloseDesktop
GetMessageA
LoadCursorW
ExitWindowsEx
OpenWindowStationA
SetThreadDesktop
GetWindowLongW
GetForegroundWindow
ToUnicode
GetClassNameW
DispatchMessageW
CloseWindowStation
PeekMessageA
PeekMessageW
GetDlgItemTextA
SetProcessWindowStation
OpenDesktopA
EndDialog
GetIconInfo
MsgWaitForMultipleObjects
SendMessageW
GetDlgItem
FindWindowExW
GetKeyboardState
GetMessageW
CharLowerBuffA
GetClipboardData
GetCursorPos
GetWindowThreadProcessId
GetKeyState
GetWindowTextW
DrawIcon

kernel32

GetProcessTimes
MoveFileExW
GetTempPathW
WriteProcessMemory
CreateFileW
FlushFileBuffers
GetVersionExW
SetThreadPriority
GetTickCount
WaitForSingleObject
GetTimeZoneInformation
InitializeCriticalSection
CreateThread
GetSystemTime
ReleaseMutex
GetLastError
GetLocalTime
GetLogicalDrives
GetUserDefaultUILanguage
lstrcmpiW
lstrcpyA
SetEvent
lstrcpynW
lstrcpyW
UnmapViewOfFile
GetCurrentThreadId
GetModuleFileNameA
CreateProcessW
GetExitCodeProcess
SetLastError
lstrcatW
GetModuleFileNameW
DeleteFileW
FindNextFileW
GetComputerNameW
GetFileTime
GlobalLock
lstrcmpiA
HeapAlloc
CopyFileW
WideCharToMultiByte
CreateDirectoryW
LeaveCriticalSection
lstrcatA
FindResourceW
GetTempFileNameW
CreateMutexW
MapViewOfFile
CreateFileMappingW
lstrlenW
ReadFile
GlobalUnlock
GetDriveTypeW
HeapReAlloc
ExpandEnvironmentStringsW
CloseHandle
CreateEventW

Sections

.sdqzgh
Size: 19KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ohkvax
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tezsv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.parmx
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73d1d9559af5330008b81e5b9e6ad527

Headers

File Characteristics

Imports

user32

kernel32

Sections

.sdqzgh Size: 19KB - Virtual size: 39KB

.ohkvax Size: 6KB - Virtual size: 10KB

.tezsv Size: 1KB - Virtual size: 1KB

.parmx Size: 27KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.sdqzgh
Size: 19KB - Virtual size: 39KB

.ohkvax
Size: 6KB - Virtual size: 10KB

.tezsv
Size: 1KB - Virtual size: 1KB

.parmx
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB