2aa0d402afceecb070a52adf010e27b1_JaffaCakes118

General

Target

2aa0d402afceecb070a52adf010e27b1_JaffaCakes118
Size

53KB
MD5

2aa0d402afceecb070a52adf010e27b1
SHA1

53549eb4b41de246e1a482c7d914121cac956caf
SHA256

6f98f25dc06fa0b4c05c4df4bfee402722c74d50894a6391e4bdddf88a9d6056
SHA512

5ab609c0176cf1ef08e9521874e853a7b9d337b3a4062e7cde6ec5d5480fc04f5d337391dde502f29384ad8a11b99e175e76dfba7febb3792cf00c3fbb78dae6
SSDEEP

1536:eetzO/FutxYTuZ1bbqe4NdbTLxkvS7z58l:eet6//MbWnBSa718l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aa0d402afceecb070a52adf010e27b1_JaffaCakes118

Files

2aa0d402afceecb070a52adf010e27b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

734ff48de91956fc46c7d299230210fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
lstrcatA
GetCurrentThreadId
lstrcmpiA
CreateProcessW
GetDriveTypeW
GetFileTime
WriteFile
InitializeCriticalSection
SetEndOfFile
GetThreadPriority
GetTickCount
CloseHandle
CreateThread
FindResourceW
Sleep
lstrlenA
lstrcpyW
GetLastError
GetLogicalDrives
OpenMutexW
OpenProcess
HeapReAlloc
SystemTimeToFileTime
SetEvent
MapViewOfFile
GetModuleHandleA
GlobalLock
GetTempFileNameW
GlobalUnlock
MultiByteToWideChar
CopyFileW
CreateFileW
lstrcpynW
GetModuleFileNameA
GetProcessTimes
GetSystemTime
GetExitCodeProcess
GetFileSizeEx
GetSystemTimeAsFileTime
SetLastError
GetModuleFileNameW
LeaveCriticalSection
ReadFile
lstrlenW
GetComputerNameW
SetFileAttributesW
HeapFree
SetThreadPriority
lstrcmpiW
GetCommandLineA
CreateMutexW
GetProcessHeap
SetFilePointer
GetCurrentProcessId
CreateFileMappingW
IsBadReadPtr
GetUserDefaultUILanguage
MoveFileExW
CreateEventW

user32

GetDlgItemTextA

Sections

.xmxwv
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjqxih
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcvut
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xcl
Size: 25KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

734ff48de91956fc46c7d299230210fb

Headers

File Characteristics

Imports

kernel32

user32

Sections

.xmxwv Size: 18KB - Virtual size: 39KB

.mjqxih Size: 5KB - Virtual size: 10KB

.rcvut Size: 1024B - Virtual size: 1KB

.xcl Size: 25KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.xmxwv
Size: 18KB - Virtual size: 39KB

.mjqxih
Size: 5KB - Virtual size: 10KB

.rcvut
Size: 1024B - Virtual size: 1KB

.xcl
Size: 25KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB