65ae0070351423f9a16a625686678669_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65ae0070351423f9a16a625686678669_JaffaCakes118
Size

53KB
MD5

65ae0070351423f9a16a625686678669
SHA1

d3563926a49dfd8a3a65d691641c57a3c59639e2
SHA256

d150165cb9ab6e869b491fa1e7f41c08172121844eeefe6252d190ec8c875039
SHA512

1fcd5017d462a6254065bfdee1b667070c5b774baeaf01801aab0dc721ccac423d5ed3393934c125ad73e01bb8520bdd9fc3ce41d608029732519e7f4110251d
SSDEEP

1536:m/SXW9TcdIR8Bt73W92/S49ri/LfwIQi1FnW:iSG9gMwG949AfQi1F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65ae0070351423f9a16a625686678669_JaffaCakes118

Files

65ae0070351423f9a16a625686678669_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7086c00db02fff1c7da01216cab8a3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
DispatchMessageW
GetDlgItemTextW
ToUnicode
PeekMessageA
EndDialog
GetDlgItemTextA
GetClassNameW
GetWindowThreadProcessId
OpenDesktopA
OpenWindowStationA
SendMessageW
CloseDesktop
SetThreadDesktop
PeekMessageW
GetDlgItem
GetKeyState
MsgWaitForMultipleObjects
GetMessageW
SetProcessWindowStation
GetWindowTextW
GetClipboardData
GetCursorPos
GetWindowLongW
CloseWindowStation
GetIconInfo
ExitWindowsEx
LoadCursorW
DrawIcon
GetForegroundWindow
GetMessageA
FindWindowExW
CharLowerBuffA

kernel32

FindFirstFileW
LeaveCriticalSection
IsBadReadPtr
CreateThread
GetCommandLineA
OpenMutexW
EnterCriticalSection
CreateEventW
ReleaseMutex
GetProcessTimes
CopyFileW
GetCurrentThreadId
GetThreadPriority
GetProcessHeap
GetDriveTypeW
GetCurrentProcessId
DeleteFileW
UnmapViewOfFile
GetSystemTime
GetLogicalDrives
GetTimeZoneInformation
lstrlenA
GetTempFileNameW
lstrcmpiA
GetFileTime
CreateProcessW
FlushFileBuffers
GlobalLock
GetFileSize
lstrcmpiW
HeapFree
GetLastError
HeapAlloc
CreateMutexW
DisconnectNamedPipe
WriteProcessMemory
MoveFileExW
GetModuleFileNameA
MapViewOfFile
GetTempPathW
CreateFileMappingW
GetLocalTime
lstrcatA
GetModuleFileNameW
WriteFile
GetSystemTimeAsFileTime
WaitForSingleObject
lstrcatW
SetEndOfFile
GetModuleHandleA
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
CloseHandle
lstrcpyW
lstrcpyA
CreateDirectoryW
FindResourceW
MultiByteToWideChar

Sections

.lcxgx
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.chcz
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vipat
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdcf
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7086c00db02fff1c7da01216cab8a3f

Headers

File Characteristics

Imports

user32

kernel32

Sections

.lcxgx Size: 18KB - Virtual size: 39KB

.chcz Size: 5KB - Virtual size: 10KB

.vipat Size: 1024B - Virtual size: 1KB

.sdcf Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.lcxgx
Size: 18KB - Virtual size: 39KB

.chcz
Size: 5KB - Virtual size: 10KB

.vipat
Size: 1024B - Virtual size: 1KB

.sdcf
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB