434faf85a5322571bf761ace7296f901_JaffaCakes118

General

Target

434faf85a5322571bf761ace7296f901_JaffaCakes118
Size

49KB
MD5

434faf85a5322571bf761ace7296f901
SHA1

ec5c8db5aaada12745cccb7bbb2809fcd011d244
SHA256

2cb95e4df569c58d223d0e6d2527b1c37870b7c25134e3c7fbc2b788bffe7b1e
SHA512

bc917f4faf0abf855e7a7b8e9a2941dfd6efa2044563b5cf7fe51eb2b1c83a8deb67ff6fac962e503d589ada80f4203a973b2039ef451f468ff3df37aee5c2c3
SSDEEP

1536:Ddw+NdcF5VR7anyzxb3ImjgBsWP56yik/SAT5mlbFPw:5TUF5XayR3hMBsW56yjqQQlR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
434faf85a5322571bf761ace7296f901_JaffaCakes118

Files

434faf85a5322571bf761ace7296f901_JaffaCakes118
.exe windows:5 windows x86 arch:x86

053f986d914bb7a8f814f573ca3607cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
SetProcessWindowStation
MsgWaitForMultipleObjects
GetDlgItemTextW
ToUnicode
GetWindowLongW
GetKeyboardState
LoadCursorW
CloseWindowStation
GetMessageA
GetDlgItem
PeekMessageA
GetWindowThreadProcessId
GetMessageW
GetKeyState
ExitWindowsEx
EndDialog
DispatchMessageW
CloseDesktop
GetClipboardData
CharLowerBuffA
GetForegroundWindow
SetThreadDesktop
PeekMessageW
GetDlgItemTextA
FindWindowExW
OpenWindowStationA
OpenDesktopA
GetCursorPos
GetClassNameW
SendMessageW
GetWindowTextW
GetIconInfo

kernel32

lstrlenA
GetFileSizeEx
CreateEventW
CreateMutexW
GlobalUnlock
GetModuleFileNameA
GetTempFileNameW
LeaveCriticalSection
FindClose
GetTimeZoneInformation
GetFileSize
WideCharToMultiByte
OpenProcess
GetVersionExW
MultiByteToWideChar
WriteProcessMemory
CloseHandle
GetLocalTime
DeleteFileW
SetThreadPriority
lstrcmpiW
GetProcessTimes
lstrlenW
WaitForSingleObject
ResetEvent
lstrcpyA
HeapFree
GetCommandLineA
MapViewOfFile
lstrcatA
FindNextFileW
CreateThread
ReadFile
lstrcpyW
IsBadReadPtr
GetFileTime
OpenMutexW
GetLastError
GetComputerNameW
GetExitCodeProcess
GetThreadPriority
GetSystemTime
CopyFileW
GetUserDefaultUILanguage
SetFileAttributesW
GetLogicalDrives
GetModuleFileNameW
FindResourceW
FlushFileBuffers
GetSystemTimeAsFileTime
WriteFile
SystemTimeToFileTime
DisconnectNamedPipe
SetLastError
SetEvent
GetDriveTypeW
Sleep

Sections

.qvwd
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkhul
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.czetyn
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

053f986d914bb7a8f814f573ca3607cb

Headers

File Characteristics

Imports

user32

kernel32

Sections

.qvwd Size: 39KB - Virtual size: 61KB

.nkhul Size: 2KB - Virtual size: 5KB

.czetyn Size: 7KB - Virtual size: 80KB

.qvwd
Size: 39KB - Virtual size: 61KB

.nkhul
Size: 2KB - Virtual size: 5KB

.czetyn
Size: 7KB - Virtual size: 80KB