3231a3f773e461e1b8c6e4d7a17f8fd4_JaffaCakes118

General

Target

3231a3f773e461e1b8c6e4d7a17f8fd4_JaffaCakes118
Size

49KB
MD5

3231a3f773e461e1b8c6e4d7a17f8fd4
SHA1

0857dcc0882efba52b1035cc7ad68c2d19293f8e
SHA256

e5012062b27dc8e9733ab5fd4a95aff6554b4b7b2afccbc0e32df88f4fc8e190
SHA512

9b782586aeff226bc20f6f4cde28fe0655ca6924fd44394267e680f76e3ea66f0d0ff1c2ca6a24de279282789fe4258a80542cd59be9a9e81a5c981eeabb6dc2
SSDEEP

1536:kqkRfITUo74fZv2jPAOUmd/6PHL4ZDNLG:KRwz7oB2jqPHYN6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3231a3f773e461e1b8c6e4d7a17f8fd4_JaffaCakes118

Files

3231a3f773e461e1b8c6e4d7a17f8fd4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09f56f89d9a17844c066c19a464b94a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
LoadCursorW
GetClipboardData
GetWindowLongW
GetDlgItemTextA
OpenDesktopA
DrawIcon
DispatchMessageW
GetMessageW
SetProcessWindowStation
PeekMessageW
MsgWaitForMultipleObjects
GetKeyboardState
GetIconInfo
FindWindowExW
GetCursorPos
GetWindowThreadProcessId
PeekMessageA
GetKeyState
GetClassNameW
GetDlgItemTextW
CloseWindowStation
GetDlgItem
GetWindowTextW
SetThreadDesktop
SendMessageW
GetMessageA
OpenWindowStationA
CloseDesktop
CharLowerBuffA
ExitWindowsEx
GetForegroundWindow
ToUnicode

kernel32

GetProcessHeap
ExpandEnvironmentStringsW
GetModuleHandleA
IsBadReadPtr
lstrlenA
GetModuleFileNameW
GetVersionExW
GetExitCodeProcess
GetFileSize
CopyFileW
SetFilePointer
CreateFileMappingW
OpenProcess
lstrcmpiW
CloseHandle
SystemTimeToFileTime
MapViewOfFile
ResetEvent
WaitForSingleObject
WideCharToMultiByte
LeaveCriticalSection
GetFileTime
CreateFileW
lstrlenW
SetFileTime
InitializeCriticalSection
DisconnectNamedPipe
CreateMutexW
CreateThread
FlushFileBuffers
CreateEventW
SetEvent
SetThreadPriority
lstrcpynW
lstrcpyW
GetDriveTypeW
GetCurrentProcessId
OpenMutexW
GetLocalTime
GetLogicalDrives
SetFileAttributesW
GetTempPathW
GetTimeZoneInformation
HeapReAlloc
GlobalLock
ReleaseMutex
CreateProcessW
FindFirstFileW
UnmapViewOfFile
GetThreadPriority
GetTempFileNameW
GetSystemTimeAsFileTime
WriteProcessMemory
GetProcessTimes
FindNextFileW
lstrcatA
GetCommandLineA

Sections

.hkt
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jujmn
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qjap
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f56f89d9a17844c066c19a464b94a3

Headers

File Characteristics

Imports

user32

kernel32

Sections

.hkt Size: 39KB - Virtual size: 61KB

.jujmn Size: 2KB - Virtual size: 5KB

.qjap Size: 7KB - Virtual size: 80KB

.hkt
Size: 39KB - Virtual size: 61KB

.jujmn
Size: 2KB - Virtual size: 5KB

.qjap
Size: 7KB - Virtual size: 80KB