61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118

General

Target

61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118
Size

49KB
MD5

61ca2c1c5dcad21b5a0a870baac64266
SHA1

56e3e8818827d9f71c8145ccf52bd0ccf276b67a
SHA256

6ceb109992597d3c26d3e662b94f700bae46bd7d8adf8142261351b61ad60e79
SHA512

f3a4275409fe7635bb4120f81230b9a48d5b4ba8f03fe80535e4cfaa7b97feb54fb79bc8f1dd9cb8d437c9638a58f1ac8db0b372418433a008130bd807bdf644
SSDEEP

768:tcbSmKLz9s/zu5sFLa421HvUiswOIKIMj2UvBrwhXEmcPtuGqHoQxbGFRde:vmKLe/SON+mFoISUprwvcPSIQwF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118

Files

61ca2c1c5dcad21b5a0a870baac64266_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab71280d246e91a3ae5dfae84f2097b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
CreateThread
GetCurrentThreadId
lstrcatW
GetLastError
FindFirstFileW
GetLocalTime
MoveFileExW
GetModuleHandleA
MapViewOfFile
HeapReAlloc
CloseHandle
WriteProcessMemory
lstrcpynW
IsBadReadPtr
GetCurrentProcessId
GetTempPathW
GetThreadPriority
FlushFileBuffers
GlobalUnlock
GetTimeZoneInformation
SetFileTime
SetThreadPriority
GetCommandLineA
GetTempFileNameW
GetDriveTypeW
Sleep
SetFileAttributesW
UnmapViewOfFile
lstrcmpiA
CreateEventW
GetComputerNameW
HeapFree
WideCharToMultiByte
HeapAlloc
CreateDirectoryW
CreateFileW
ExpandEnvironmentStringsW
lstrlenA
DisconnectNamedPipe
GetProcessTimes
InitializeCriticalSection
CreateMutexW
CreateFileMappingW
ReleaseMutex
lstrcmpiW
GlobalLock
GetSystemTimeAsFileTime
GetLogicalDrives
GetExitCodeProcess
OpenMutexW
WriteFile
MultiByteToWideChar
GetProcessHeap
FindNextFileW
SetEndOfFile
GetUserDefaultUILanguage
SetFilePointer
ResetEvent
SetLastError
GetSystemTime
EnterCriticalSection
WaitForSingleObject
OpenProcess
lstrcatA
FindClose
LeaveCriticalSection
lstrcpyA
GetModuleFileNameA
GetVersionExW
CreateProcessW
ReadFile
GetTickCount
lstrlenW
FindResourceW
GetFileTime
lstrcpyW
GetFileSize
SystemTimeToFileTime
SetEvent
CopyFileW
DeleteFileW
GetModuleFileNameW

user32

CloseDesktop
ExitWindowsEx
GetKeyboardState
GetDlgItemTextW
DispatchMessageW
LoadCursorW
GetWindowLongW
CloseWindowStation

Sections

.ozkx
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmt
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lwx
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab71280d246e91a3ae5dfae84f2097b9

Headers

File Characteristics

Imports

kernel32

user32

Sections

.ozkx Size: 39KB - Virtual size: 61KB

.svmt Size: 2KB - Virtual size: 5KB

.lwx Size: 7KB - Virtual size: 80KB

.ozkx
Size: 39KB - Virtual size: 61KB

.svmt
Size: 2KB - Virtual size: 5KB

.lwx
Size: 7KB - Virtual size: 80KB