302e729dcebaa06328d1eb8e0a0cf72f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

302e729dcebaa06328d1eb8e0a0cf72f_JaffaCakes118
Size

54KB
MD5

302e729dcebaa06328d1eb8e0a0cf72f
SHA1

0cf89049144d96c68449d6a3d976d7f1413d2841
SHA256

a631b5938d5704f4f5a86213831381616ff0173994fe11fc9b5e01d463ba1ad7
SHA512

6df787a3b173c763d8851d4100239f68314fc930325dfe0a1421c62444fe9fa41f9194b5712f3cfa4888afcdabc2797a6ca66c1f3fbb1ad526f5978f53db4000
SSDEEP

768:vzb970Z+AIG1azdb5UlztIj3FN0o/ZFv/+UNJoZdJRuiTZ5pRvSM30vVp4A7CIMP:Lb9MQuazdbSVtoFNXFvdJWRu2pMM34s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302e729dcebaa06328d1eb8e0a0cf72f_JaffaCakes118

Files

302e729dcebaa06328d1eb8e0a0cf72f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bedc1834d34d88b2840846301b8ad9b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerBuffA
SetThreadDesktop
ExitWindowsEx
OpenDesktopA
GetMessageA
CloseWindowStation
DispatchMessageW
EndDialog
OpenWindowStationA
DrawIcon
GetKeyState
GetDlgItem
CloseDesktop
PeekMessageW
GetDlgItemTextW
GetKeyboardState
GetWindowTextW
GetForegroundWindow
ToUnicode
GetWindowLongW
GetMessageW
GetCursorPos
FindWindowExW
GetIconInfo
PeekMessageA
GetClipboardData
GetWindowThreadProcessId
LoadCursorW
GetClassNameW
SetProcessWindowStation
GetDlgItemTextA
MsgWaitForMultipleObjects
SendMessageW

kernel32

FindNextFileW
lstrcpyA
CreateMutexW
ReadFile
GetExitCodeProcess
DisconnectNamedPipe
GetFileSizeEx
GetUserDefaultUILanguage
CreateThread
CreateProcessW
GetThreadPriority
GetDriveTypeW
CreateDirectoryW
CreateFileMappingW
GetFileTime
IsBadReadPtr
ResetEvent
lstrlenW
HeapReAlloc
GetLogicalDrives
CloseHandle
OpenProcess
EnterCriticalSection
CreateEventW
SetFileAttributesW
UnmapViewOfFile
GetLocalTime
GetModuleHandleA
ExpandEnvironmentStringsW
lstrcmpiA
GetProcessHeap
GetProcessTimes
InitializeCriticalSection
GetCurrentProcessId
GetVersionExW
lstrcatW
OpenMutexW
SystemTimeToFileTime
MoveFileExW
MultiByteToWideChar
GetCommandLineA
FlushFileBuffers
GetModuleFileNameW
HeapFree
WideCharToMultiByte
GetLastError
GetModuleFileNameA
lstrcmpiW
GlobalUnlock
GetFileSize
HeapAlloc
lstrlenA
GetTempFileNameW
GetTimeZoneInformation
CopyFileW
SetFilePointer
CreateFileW

Sections

.yroxup
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lwlih
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.doj
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ajurkv
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bedc1834d34d88b2840846301b8ad9b4

Headers

File Characteristics

Imports

user32

kernel32

Sections

.yroxup Size: 20KB - Virtual size: 40KB

.lwlih Size: 4KB - Virtual size: 10KB

.doj Size: 1024B - Virtual size: 1KB

.ajurkv Size: 26KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.yroxup
Size: 20KB - Virtual size: 40KB

.lwlih
Size: 4KB - Virtual size: 10KB

.doj
Size: 1024B - Virtual size: 1KB

.ajurkv
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB