63f808c5a09cd362671d5f2ea604ea11_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63f808c5a09cd362671d5f2ea604ea11_JaffaCakes118
Size

55KB
MD5

63f808c5a09cd362671d5f2ea604ea11
SHA1

5e9c45942c0194b062345fa034c45f62a5664b3f
SHA256

84dcc7ffc34fc0e134a5c447020f950c7532c13784607a12e90bf5fee0811a83
SHA512

6c6539556e95346aba7536dbda784702f2a0ec4b18a9f821aaea676da72c5e35047a587e8d633d8cf3d37bd9560cb140b81e0fb4feb88396ffe83e6d9dc8a39f
SSDEEP

768:X8TSOBzMw6hoMn/2nC/Q05iJ4rwsPBHVaEizMOeqh37F1hH6zTTTTFn4a7lk71hf:XOBz0nK0QsDzqhp1hOvTFLC1hU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63f808c5a09cd362671d5f2ea604ea11_JaffaCakes118

Files

63f808c5a09cd362671d5f2ea604ea11_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8f14edba0b4c72d9f9cb7d6bf65467a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
DispatchMessageW
DrawIcon
GetDlgItemTextA
MsgWaitForMultipleObjects
FindWindowExW
SetThreadDesktop
EndDialog
ToUnicode
GetDlgItemTextW
GetIconInfo
SetProcessWindowStation
CharLowerBuffA
GetForegroundWindow
GetDlgItem
GetMessageA
GetCursorPos
ExitWindowsEx
GetKeyState
GetWindowTextW
CloseWindowStation
GetWindowThreadProcessId
GetKeyboardState
SendMessageW
GetClassNameW
GetWindowLongW
GetClipboardData
PeekMessageW
PeekMessageA
GetMessageW
CloseDesktop
OpenDesktopA
OpenWindowStationA

kernel32

lstrcatW
lstrcpyW
GetCurrentThreadId
CopyFileW
GetTempPathW
GetFileSize
MapViewOfFile
GetCurrentProcessId
CreateProcessW
CreateFileMappingW
lstrcmpiW
SetFilePointer
GetDriveTypeW
GetUserDefaultUILanguage
WideCharToMultiByte
lstrlenW
SetFileTime
CloseHandle
GetFileSizeEx
CreateThread
UnmapViewOfFile
GetTickCount
GetLastError
WriteFile
CreateDirectoryW
GetExitCodeProcess
ResetEvent
Sleep
FlushFileBuffers
SetThreadPriority
FindFirstFileW
OpenProcess
FindClose
GetLogicalDrives
GetModuleFileNameW
GetThreadPriority
GlobalLock
lstrlenA
HeapFree
GetProcessTimes
ExpandEnvironmentStringsW
GetSystemTime
WaitForSingleObject
SetFileAttributesW
IsBadReadPtr
DisconnectNamedPipe
GetTimeZoneInformation
CreateFileW
CreateMutexW
HeapReAlloc
lstrcpyA
WriteProcessMemory
lstrcpynW
ReadFile
GlobalUnlock
OpenMutexW
GetProcessHeap

Sections

.apqpcn
Size: 19KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byxon
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zonsn
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wzwr
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8f14edba0b4c72d9f9cb7d6bf65467a

Headers

File Characteristics

Imports

user32

kernel32

Sections

.apqpcn Size: 19KB - Virtual size: 39KB

.byxon Size: 5KB - Virtual size: 10KB

.zonsn Size: 1024B - Virtual size: 1KB

.wzwr Size: 27KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.apqpcn
Size: 19KB - Virtual size: 39KB

.byxon
Size: 5KB - Virtual size: 10KB

.zonsn
Size: 1024B - Virtual size: 1KB

.wzwr
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB