3cfd1f9f86e06922327dc719b9809bb5_JaffaCakes118

General

Target

3cfd1f9f86e06922327dc719b9809bb5_JaffaCakes118
Size

52KB
MD5

3cfd1f9f86e06922327dc719b9809bb5
SHA1

8295d890c9041bf366f32af3bb11601263f67f0c
SHA256

b2d1393596ec7cc26b9fab8661beca9513bbb0ab04b5735d6d095da6bc028df7
SHA512

deaae2a360851f882c01a9ff5a91f0d33946c39f2f72322b0f55cb4059192691f22f3ee78f325a83e7c6602ccb60b2f40486a23b44315b2e1a0dfc1104830d79
SSDEEP

1536:4jv+E3yyb2kDfDe3TBF1iFp5oJ5MfrqK5/gW:4j1bnDbejL1o/oJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cfd1f9f86e06922327dc719b9809bb5_JaffaCakes118

Files

3cfd1f9f86e06922327dc719b9809bb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a3d2fa96826a423dc953c2f43dbcb451

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
EnterCriticalSection
MoveFileExW
HeapReAlloc
SetEvent
DisconnectNamedPipe
GetFileTime
GetFileSizeEx
IsBadReadPtr
GetSystemTime
MultiByteToWideChar
FlushFileBuffers
CreateEventW
GetLastError
GetExitCodeProcess
SetLastError
CreateDirectoryW
lstrcatW
GetModuleFileNameA
SetFileTime
CreateProcessW
ExpandEnvironmentStringsW
WriteProcessMemory
ResetEvent
WaitForSingleObject
UnmapViewOfFile
GetTempPathW
SystemTimeToFileTime
lstrcatA
SetFilePointer
lstrcmpiW
GetComputerNameW
GetProcessHeap
GetTickCount
FindNextFileW
GetThreadPriority
GetSystemTimeAsFileTime
MapViewOfFile
Sleep
GetModuleHandleA
GlobalUnlock
LeaveCriticalSection
DeleteFileW
FindFirstFileW
FindClose
GetFileSize
ReleaseMutex
lstrcmpiA
lstrlenA
GetModuleFileNameW
GetTempFileNameW
lstrcpynW
GetUserDefaultUILanguage
CreateThread
GetTimeZoneInformation
HeapAlloc
GetVersionExW
GetLocalTime
SetThreadPriority
SetFileAttributesW

user32

GetKeyState

Sections

.wpcd
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.twleb
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xadil
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vkz
Size: 25KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3d2fa96826a423dc953c2f43dbcb451

Headers

File Characteristics

Imports

kernel32

user32

Sections

.wpcd Size: 18KB - Virtual size: 39KB

.twleb Size: 5KB - Virtual size: 10KB

.xadil Size: 1024B - Virtual size: 1KB

.vkz Size: 25KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.wpcd
Size: 18KB - Virtual size: 39KB

.twleb
Size: 5KB - Virtual size: 10KB

.xadil
Size: 1024B - Virtual size: 1KB

.vkz
Size: 25KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB