682ec5481f54d24d2de4c210b37193d4_JaffaCakes118

General

Target

682ec5481f54d24d2de4c210b37193d4_JaffaCakes118
Size

46KB
MD5

682ec5481f54d24d2de4c210b37193d4
SHA1

82203ba51128f6d3a8bde19061c26d357906bc48
SHA256

98fcb521702d7a0c2bd5582f8f09eca31741ccad1b2f4669a67f44a1fa449ebf
SHA512

04eaf37b1febdac39a9342699b8adfcf1ee2a420e62532a95fb40cb618754174447b9a1600b947195c71650cf391279351bb007e9fb41857bcdf40dafe47b640
SSDEEP

768:4X8F/8umikssfYlTL0FMjqp1kiqgLDojcgheFJH+nwLzGieRgic5XxkdK3ES301M:JvkssAlTL0FeiNMj9hYH+wPGieRgvhkZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
682ec5481f54d24d2de4c210b37193d4_JaffaCakes118

Files

682ec5481f54d24d2de4c210b37193d4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ccde968b5c1762a6bdea31ab9aae6f52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameW
GetForegroundWindow
CloseWindowStation
GetCursorPos
GetDlgItemTextW
PeekMessageW
GetClipboardData
CloseDesktop
SendMessageW
PeekMessageA
GetDlgItemTextA
FindWindowExW
ToUnicode
DispatchMessageW
OpenWindowStationA
OpenDesktopA
CharLowerBuffA
DrawIcon
GetMessageA
GetKeyboardState
LoadCursorW
GetMessageW
GetIconInfo
GetDlgItem
MsgWaitForMultipleObjects
GetKeyState
SetThreadDesktop
GetWindowTextW
SetProcessWindowStation
ExitWindowsEx
GetWindowLongW
GetWindowThreadProcessId
EndDialog

kernel32

lstrlenA
InitializeCriticalSection
DisconnectNamedPipe
MapViewOfFile
CreateEventW
lstrcpynW
GlobalLock
GetVersionExW
SetFileTime
GetModuleFileNameA
SetLastError
CreateFileMappingW
GetUserDefaultUILanguage
GetModuleFileNameW
GetTempPathW
GetLocalTime
GetCurrentThreadId
SetFileAttributesW
lstrlenW
GetSystemTimeAsFileTime
CreateThread
CreateFileW
DeleteFileW
GetProcessTimes
Sleep
HeapReAlloc
CloseHandle
WriteFile
GetModuleHandleA
UnmapViewOfFile
ReadFile
GetComputerNameW
FindFirstFileW
MoveFileExW
GetThreadPriority
GetSystemTime
GetFileSizeEx
GetTimeZoneInformation
lstrcatW
WideCharToMultiByte
HeapAlloc
ExpandEnvironmentStringsW
lstrcmpiW
SetEvent
GetCurrentProcessId
FindClose
lstrcpyW
SystemTimeToFileTime
OpenProcess
FindNextFileW
SetThreadPriority
SetFilePointer
GlobalUnlock
CreateProcessW
MultiByteToWideChar
HeapFree
GetTickCount
WriteProcessMemory

Sections

.qjuv
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ynutmd
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdcb
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccde968b5c1762a6bdea31ab9aae6f52

Headers

File Characteristics

Imports

user32

kernel32

Sections

.qjuv Size: 36KB - Virtual size: 56KB

.ynutmd Size: 2KB - Virtual size: 4KB

.cdcb Size: 7KB - Virtual size: 76KB

.qjuv
Size: 36KB - Virtual size: 56KB

.ynutmd
Size: 2KB - Virtual size: 4KB

.cdcb
Size: 7KB - Virtual size: 76KB