755446a9061a9438f95c1dc06ec9323a_JaffaCakes118

General

Target

755446a9061a9438f95c1dc06ec9323a_JaffaCakes118
Size

417KB
MD5

755446a9061a9438f95c1dc06ec9323a
SHA1

ba454e087941e319c0f8a93886126b8e969a3c1d
SHA256

67b2f9506030bfae6ea4283c0d258442e315c678c4f59c5eca51ef380afaf3aa
SHA512

a3a09591bc6b991d84aeb58359dc85c317d289512b06936f6e815ad7c2ae7b8054531611757a27ac6c6aa8a73f8b58c35b78ae974d6da9478955ed1dec8cffce
SSDEEP

6144:SuogY6+OmCgeKQ4jKzOhs63KFLOdfsZsUIkyaG4ALLQNXgxiaJY:SKrCwFLc6j+qGQNXgxbK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
755446a9061a9438f95c1dc06ec9323a_JaffaCakes118

Files

755446a9061a9438f95c1dc06ec9323a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

66297075e6baf433fcd55ed803bd418d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ToUnicode
ExitWindowsEx
GetIconInfo
CloseDesktop
OpenDesktopA
SetThreadDesktop
OpenWindowStationA
GetMessageA
EndDialog
GetCursorPos
DispatchMessageW
GetDlgItemTextW
GetWindowTextW
CloseWindowStation
SendMessageW
GetDlgItem
CharLowerBuffA
DrawIcon
FindWindowExW
PeekMessageW
GetMessageW
GetKeyboardState
GetKeyState
GetWindowThreadProcessId
GetClipboardData
MsgWaitForMultipleObjects
GetDlgItemTextA
SetProcessWindowStation
GetClassNameW
PeekMessageA
GetForegroundWindow
LoadCursorW
GetWindowLongW

kernel32

lstrcmpiW
FindResourceW
OpenProcess
lstrcatA
GetLastError
CreateProcessW
CreateMutexW
GetLocalTime
GetModuleHandleA
lstrcatW
lstrcpyA
WriteProcessMemory
GetUserDefaultUILanguage
CloseHandle
GetModuleFileNameA
DeleteFileW
GetCurrentThreadId
CreateFileMappingW
SetFileTime
GetDriveTypeW
HeapFree
WaitForSingleObject
SetLastError
GetTempFileNameW
GetTimeZoneInformation
UnmapViewOfFile
ResetEvent
lstrlenA
SetThreadPriority
GetVersionExW
GetSystemTimeAsFileTime
GlobalLock
SystemTimeToFileTime
GetCommandLineA
GetModuleFileNameW
CreateThread
lstrcmpiA
Sleep
lstrcpynW
FindClose
SetEvent
ExpandEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
GetFileTime
MapViewOfFile
lstrcpyW
CreateDirectoryW
lstrlenW
WideCharToMultiByte
SetEndOfFile
GetProcessTimes
DisconnectNamedPipe
EnterCriticalSection
GetCurrentProcessId
GetComputerNameW
GetSystemTime

Sections

.ktkh
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gzov
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xmpon
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66297075e6baf433fcd55ed803bd418d

Headers

File Characteristics

Imports

user32

kernel32

Sections

.ktkh Size: 39KB - Virtual size: 61KB

.gzov Size: 2KB - Virtual size: 5KB

.xmpon Size: 7KB - Virtual size: 80KB

.ktkh
Size: 39KB - Virtual size: 61KB

.gzov
Size: 2KB - Virtual size: 5KB

.xmpon
Size: 7KB - Virtual size: 80KB