33425450f7a45ac85888fcadf8cb4831_JaffaCakes118

General

Target

33425450f7a45ac85888fcadf8cb4831_JaffaCakes118
Size

52KB
MD5

33425450f7a45ac85888fcadf8cb4831
SHA1

9c58e69f0b498dd0fd82e8d5100e609efaf39b37
SHA256

6413339fb488e4303832e4c9c134bf7d58c545e74069ac47a3b4e5290fdbbe2b
SHA512

7ff986c758e5d6d025564984936218b69095e57d465e60318500b653812b81b2679bb9216db250dc94d58f7e4e413653c1272b4a70fc1dd063c278095d8f6dc4
SSDEEP

1536:yDR0/sKOBUgP/Mgp4bbQlEhUiX+/mUD95:yDR0UUgWvQlBiX+nJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33425450f7a45ac85888fcadf8cb4831_JaffaCakes118

Files

33425450f7a45ac85888fcadf8cb4831_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8f1e269d30c86b6be2784d6e2b8724e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenWindowStationA
OpenDesktopA
GetKeyState
DrawIcon
GetWindowThreadProcessId
GetKeyboardState
EndDialog
ToUnicode
CloseDesktop
GetWindowTextW
ExitWindowsEx
GetDlgItem
GetClassNameW
CloseWindowStation
GetDlgItemTextW
SendMessageW
GetIconInfo
GetMessageA
GetDlgItemTextA
GetClipboardData
GetMessageW
PeekMessageA
SetProcessWindowStation
PeekMessageW
FindWindowExW
GetCursorPos
DispatchMessageW
SetThreadDesktop
GetWindowLongW
GetForegroundWindow
MsgWaitForMultipleObjects
LoadCursorW
CharLowerBuffA

kernel32

FindFirstFileW
WideCharToMultiByte
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
HeapReAlloc
GetProcessTimes
GetDriveTypeW
CreateThread
GetTempFileNameW
GetProcessHeap
CreateFileMappingW
MapViewOfFile
CreateFileW
FindNextFileW
GetFileTime
SetLastError
GetLogicalDrives
GlobalLock
GetModuleHandleA
GetThreadPriority
CreateEventW
InitializeCriticalSection
DeleteFileW
GetTempPathW
lstrcpyW
SetFileAttributesW
WriteProcessMemory
GetFileSizeEx
MoveFileExW
FindClose
GetComputerNameW
LeaveCriticalSection
GetVersionExW
GetTickCount
CloseHandle
HeapAlloc
GlobalUnlock
lstrlenW
GetUserDefaultUILanguage
GetSystemTimeAsFileTime
CopyFileW
SetThreadPriority
OpenProcess
UnmapViewOfFile
lstrcmpiA
OpenMutexW
lstrlenA
GetCurrentThreadId
MultiByteToWideChar
lstrcpyA
DisconnectNamedPipe
SetEvent
ExpandEnvironmentStringsW
WriteFile
lstrcpynW
ReleaseMutex

Sections

.whgb
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uryzad
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avsvwt
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkf
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8f1e269d30c86b6be2784d6e2b8724e

Headers

File Characteristics

Imports

user32

kernel32

Sections

.whgb Size: 19KB - Virtual size: 40KB

.uryzad Size: 5KB - Virtual size: 10KB

.avsvwt Size: 1024B - Virtual size: 1KB

.lkf Size: 26KB - Virtual size: 132KB

.whgb
Size: 19KB - Virtual size: 40KB

.uryzad
Size: 5KB - Virtual size: 10KB

.avsvwt
Size: 1024B - Virtual size: 1KB

.lkf
Size: 26KB - Virtual size: 132KB