0066502ba87c39e47a179193be2166c4_JaffaCakes118

General

Target

0066502ba87c39e47a179193be2166c4_JaffaCakes118
Size

46KB
MD5

0066502ba87c39e47a179193be2166c4
SHA1

f672fa71c1d809ef60feddf4aa0a37aa6150f042
SHA256

14746b06025a901b608270577b825a3a9ff18966709d7bc81158a8db245a4356
SHA512

511b9e088f9cc595eecf019511f0c8ef10383bc886293b0ab4ad8c6bf2ce4ba5111642d7b5e4410cbcc71a2a838fdaca71ab38c0ce46e0fc4b7e3c0588457d84
SSDEEP

768:wyM85jgcwdYWbi0fq/EbBaDhBnIWlAEoBIZ1Ymd6kEUmDls4XWIRPh8rFXaTKvQ5:i6zwdYei0fq/ScIWl8BInYM/gZUFXaW8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0066502ba87c39e47a179193be2166c4_JaffaCakes118

Files

0066502ba87c39e47a179193be2166c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1253415206c727c05c5c0ba55cf171c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyState
CharLowerBuffA
LoadCursorW
GetIconInfo
GetCursorPos
GetWindowTextW
GetClipboardData
GetDlgItemTextW
DispatchMessageW
GetClassNameW
SetThreadDesktop
CloseWindowStation
GetWindowLongW
CloseDesktop
GetDlgItem
PeekMessageA
SetProcessWindowStation
GetKeyboardState
PeekMessageW
GetDlgItemTextA
OpenDesktopA
GetMessageW
OpenWindowStationA
GetMessageA
SendMessageW
GetForegroundWindow
GetWindowThreadProcessId
MsgWaitForMultipleObjects
DrawIcon
ToUnicode
FindWindowExW
EndDialog
ExitWindowsEx

kernel32

GetCurrentProcessId
GetUserDefaultUILanguage
SetFilePointer
EnterCriticalSection
SetEndOfFile
IsBadReadPtr
GetTempFileNameW
WriteProcessMemory
CreateFileMappingW
lstrcatW
GlobalLock
GetLocalTime
GetDriveTypeW
lstrcmpiW
MoveFileExW
OpenProcess
ResetEvent
LeaveCriticalSection
GetTimeZoneInformation
GetProcessTimes
GetTickCount
MultiByteToWideChar
CreateDirectoryW
lstrlenW
UnmapViewOfFile
GetComputerNameW
CreateProcessW
GetFileSize
WideCharToMultiByte
CreateMutexW
HeapFree
GetProcessHeap
GetVersionExW
lstrcpynW
GetModuleHandleA
MapViewOfFile
CloseHandle
lstrcmpiA
GetModuleFileNameW
CreateEventW
DisconnectNamedPipe
SetFileAttributesW
GetTempPathW
HeapReAlloc
CreateThread
DeleteFileW
FindFirstFileW
ReleaseMutex
GetLastError
SetThreadPriority
FlushFileBuffers
GetLogicalDrives
lstrcpyW
GetCurrentThreadId
OpenMutexW
CreateFileW
CopyFileW
GetCommandLineA

Sections

.ludoh
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klglwh
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inwdgj
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1253415206c727c05c5c0ba55cf171c9

Headers

File Characteristics

Imports

user32

kernel32

Sections

.ludoh Size: 36KB - Virtual size: 56KB

.klglwh Size: 1KB - Virtual size: 4KB

.inwdgj Size: 7KB - Virtual size: 76KB

.ludoh
Size: 36KB - Virtual size: 56KB

.klglwh
Size: 1KB - Virtual size: 4KB

.inwdgj
Size: 7KB - Virtual size: 76KB