78c3ea9a1e72624d413ff046cdb18b88_JaffaCakes118

General

Target

78c3ea9a1e72624d413ff046cdb18b88_JaffaCakes118
Size

64KB
MD5

78c3ea9a1e72624d413ff046cdb18b88
SHA1

eb740b2684831c4b91a7d59caa8f8596f097c8c2
SHA256

5fb050e74f50567efca0ee8cf31e341f0c65cc044eddf970fa14761efd762abd
SHA512

72176a09e13782f6fed3e5bd2a8e598e188f4d1f3cd50888351559fc159c0c4b4b9b8f0c844332162fa6ec57d625cc04c30f2e2296590cb8fbea095d7ecfb62d
SSDEEP

1536:G/k0j1ggoC45lTlGzaxqCAe3fCAPg3jmOn:GVpaC4rgSqC/3fCAoTmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78c3ea9a1e72624d413ff046cdb18b88_JaffaCakes118

Files

78c3ea9a1e72624d413ff046cdb18b88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f19f0d71de696e7ddda1ffc8ca697cd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
Sleep
GetModuleFileNameA
InitializeCriticalSection
lstrcpyA
ReleaseMutex
SetLastError
GetTimeZoneInformation
lstrcpyW
lstrcatA
GetCurrentProcessId
GetComputerNameW
ResetEvent
SetFilePointer
GetExitCodeProcess
CreateEventW
UnmapViewOfFile
GetModuleFileNameW
CopyFileW
GetCurrentThreadId
WriteProcessMemory
GetFileSize
GetTickCount
lstrcpynW
DisconnectNamedPipe
WaitForSingleObject
GetCommandLineA
HeapFree
CreateThread
GetThreadPriority
WideCharToMultiByte
FindFirstFileW
GlobalUnlock
FindClose
GetDriveTypeW
SetFileTime
SetEvent
lstrcatW
MoveFileExW
GetProcessTimes
FlushFileBuffers
GetFileSizeEx
FindNextFileW
lstrcmpiW
DeleteFileW
MapViewOfFile
SystemTimeToFileTime
CreateFileMappingW
ExpandEnvironmentStringsW
OpenProcess
CreateMutexW
GetLocalTime
OpenMutexW
GetTempPathW
GetSystemTimeAsFileTime
lstrcmpiA
SetFileAttributesW
GetTempFileNameW
ReadFile
GetProcessHeap
LeaveCriticalSection
lstrlenA
CloseHandle
SetThreadPriority
GetVersionExW
WriteFile
CreateDirectoryW
GetUserDefaultUILanguage
CreateProcessW
FindResourceW
CreateFileW
IsBadReadPtr
GetLastError
GetLogicalDrives
MultiByteToWideChar
SetEndOfFile
GlobalLock
GetFileTime
lstrlenW
HeapAlloc
HeapReAlloc
GetSystemTime
GetModuleHandleA

user32

GetDlgItem
GetDlgItemTextW
SetThreadDesktop
GetMessageW
GetKeyboardState
OpenWindowStationA
OpenDesktopA
GetKeyState

Sections

.qzet
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.urqh
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajwr
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jal
Size: 28KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f19f0d71de696e7ddda1ffc8ca697cd2

Headers

File Characteristics

Imports

kernel32

user32

Sections

.qzet Size: 20KB - Virtual size: 40KB

.urqh Size: 8KB - Virtual size: 10KB

.ajwr Size: 4KB - Virtual size: 1KB

.jal Size: 28KB - Virtual size: 132KB

.qzet
Size: 20KB - Virtual size: 40KB

.urqh
Size: 8KB - Virtual size: 10KB

.ajwr
Size: 4KB - Virtual size: 1KB

.jal
Size: 28KB - Virtual size: 132KB