60f1d06643c2c98958ac6de366c83f33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60f1d06643c2c98958ac6de366c83f33_JaffaCakes118
Size

54KB
MD5

60f1d06643c2c98958ac6de366c83f33
SHA1

7f483a4b0d9adc25448db57d51ca629299fa4154
SHA256

a7067744c56c9fb3016142b0159a97dafe712a8a3e78eae71939461cea54be5c
SHA512

ba72a82fa220665524a0f661f41503e54f1996b98f90e25fa54f79fb462f468ea1e6e8f9a0d495897a5b617d4454e8d95b44ebe79c554a82e1ae1c63a8a4f99c
SSDEEP

768:6Zb/D8zDbawL3gUhu/oPRQz6jlaSVdSjDCAtcn5nVtlytkxIgkXwwRy/9i7SDd:yn8HbbLGsyal1LI2ucZLQdAwRyVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60f1d06643c2c98958ac6de366c83f33_JaffaCakes118

Files

60f1d06643c2c98958ac6de366c83f33_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75e1129134dfbfc6da1526b53f44afa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
PeekMessageW
GetKeyState
ExitWindowsEx
GetMessageA
GetForegroundWindow
SetProcessWindowStation
GetWindowThreadProcessId
GetIconInfo
GetClipboardData
SetThreadDesktop
CloseWindowStation
OpenDesktopA
GetWindowLongW
GetWindowTextW
DrawIcon
OpenWindowStationA
GetDlgItem
CloseDesktop
LoadCursorW
CharLowerBuffA
GetDlgItemTextA
MsgWaitForMultipleObjects
FindWindowExW
PeekMessageA
GetKeyboardState
GetMessageW
SendMessageW
EndDialog
GetCursorPos
GetClassNameW
DispatchMessageW
ToUnicode

kernel32

CreateMutexW
ReadFile
SetFileTime
GetVersionExW
GetCommandLineA
GetLogicalDrives
GetCurrentProcessId
lstrcmpiW
DisconnectNamedPipe
DeleteFileW
GetProcessHeap
lstrlenW
GetModuleFileNameA
SetFileAttributesW
SetThreadPriority
lstrcatA
ResetEvent
CreateFileW
GetSystemTime
OpenMutexW
GetTempPathW
HeapReAlloc
CreateDirectoryW
lstrcatW
SetLastError
GetFileTime
MultiByteToWideChar
GetSystemTimeAsFileTime
CloseHandle
FindFirstFileW
WaitForSingleObject
SystemTimeToFileTime
GetTimeZoneInformation
InitializeCriticalSection
GetUserDefaultUILanguage
LeaveCriticalSection
GetModuleHandleA
lstrcmpiA
ExpandEnvironmentStringsW
CreateFileMappingW
GetProcessTimes
HeapAlloc
CopyFileW
EnterCriticalSection
GlobalUnlock
CreateProcessW
lstrlenA
FlushFileBuffers
HeapFree
CreateEventW
CreateThread
GetLocalTime
WriteProcessMemory
IsBadReadPtr
WideCharToMultiByte
lstrcpyW
UnmapViewOfFile
lstrcpyA

Sections

.ryv
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcd
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwxmj
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ozez
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75e1129134dfbfc6da1526b53f44afa9

Headers

File Characteristics

Imports

user32

kernel32

Sections

.ryv Size: 19KB - Virtual size: 40KB

.dcd Size: 5KB - Virtual size: 10KB

.zwxmj Size: 1024B - Virtual size: 1KB

.ozez Size: 26KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.ryv
Size: 19KB - Virtual size: 40KB

.dcd
Size: 5KB - Virtual size: 10KB

.zwxmj
Size: 1024B - Virtual size: 1KB

.ozez
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB