4bee561ad7d0883343b93d8d423f944d_JaffaCakes118

General

Target

4bee561ad7d0883343b93d8d423f944d_JaffaCakes118
Size

46KB
MD5

4bee561ad7d0883343b93d8d423f944d
SHA1

9dcd518efcf940825bb8fa5ef9c6e6830be38dbd
SHA256

04bfc01e10eaa104ac629fbd4040a67fe72f72543e746a94f3c1ffd6935f743e
SHA512

963b42963644b5eca0a2b699cc3aeeb5565e1f3949e2e3956bd418b2e4afbe28d9e96b9f03c16a9ef1cf4f5ccd6f77fa5fbd61873aab10bf998801dee1f6c6be
SSDEEP

768:mieoIc0IBPz+GeOBtytu60orDBFEr3iaOYMHU+vUI2tPItlPqTBgpzSM7Q:mv+BytOBty91rlQi0L+68NEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bee561ad7d0883343b93d8d423f944d_JaffaCakes118

Files

4bee561ad7d0883343b93d8d423f944d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

17f0db79b0c8993356deacc442e1ed1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetProcessWindowStation
GetDlgItemTextW
GetWindowLongW
CloseDesktop
GetMessageW
LoadCursorW
SendMessageW
GetCursorPos
GetDlgItemTextA
EndDialog
PeekMessageA
OpenDesktopA
OpenWindowStationA
GetMessageA
GetClassNameW
GetWindowTextW
GetForegroundWindow
GetWindowThreadProcessId
DispatchMessageW
CloseWindowStation
GetKeyState
ToUnicode
DrawIcon
GetKeyboardState
MsgWaitForMultipleObjects
GetDlgItem
GetIconInfo
FindWindowExW
PeekMessageW
GetClipboardData
ExitWindowsEx
CharLowerBuffA
SetThreadDesktop

kernel32

GetComputerNameW
CreateFileMappingW
GetLocalTime
HeapAlloc
CloseHandle
LeaveCriticalSection
GetTickCount
MapViewOfFile
lstrcpyW
SetFileAttributesW
IsBadReadPtr
GetTempFileNameW
FindNextFileW
ReadFile
FindResourceW
GetFileTime
MultiByteToWideChar
CreateFileW
SetFileTime
CopyFileW
GetSystemTime
lstrcatA
OpenProcess
lstrcmpiW
lstrlenA
InitializeCriticalSection
HeapReAlloc
FindFirstFileW
GetCommandLineA
ReleaseMutex
WriteProcessMemory
WriteFile
lstrcmpiA
WideCharToMultiByte
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
FlushFileBuffers
GetLastError
GetModuleHandleA
lstrcatW
FindClose
ResetEvent
SetFilePointer
GlobalUnlock
GetTimeZoneInformation
GetFileSizeEx
SystemTimeToFileTime
GetProcessHeap
MoveFileExW
GetUserDefaultUILanguage
GetTempPathW
EnterCriticalSection
CreateProcessW
GetModuleFileNameA
CreateMutexW
CreateDirectoryW
SetEvent
GetCurrentProcessId

Sections

.fgx
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vofcj
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qlwdgz
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17f0db79b0c8993356deacc442e1ed1b

Headers

File Characteristics

Imports

user32

kernel32

Sections

.fgx Size: 36KB - Virtual size: 56KB

.vofcj Size: 1KB - Virtual size: 4KB

.qlwdgz Size: 7KB - Virtual size: 76KB

.fgx
Size: 36KB - Virtual size: 56KB

.vofcj
Size: 1KB - Virtual size: 4KB

.qlwdgz
Size: 7KB - Virtual size: 76KB