859301fc99737573acf075fae8b80530_JaffaCakes118

General

Target

859301fc99737573acf075fae8b80530_JaffaCakes118
Size

46KB
MD5

859301fc99737573acf075fae8b80530
SHA1

6db12db3b2e461488057229ff828a863cfaadff6
SHA256

5705dea1ef193b26c708b1c3d18d8b295ee752da3c3d5feaee8782c02a1d7046
SHA512

fab09ca12411eed7beb1e6b8f273f241cbee255cc395ea286cfedea52f7a1f5a073a9309a3a1e0ba619714e136f1aab59821c5e254e4642187fa3564f0168196
SSDEEP

768:4X8F/8umikssfYlTL0FMjqp1kiqgLDojcgheFJH+nwLzGieRgic5XxkdK3ES301M:JvkssAlTL0FeiNMj9hYH+wPGieRgvhkZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859301fc99737573acf075fae8b80530_JaffaCakes118

Files

859301fc99737573acf075fae8b80530_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ccde968b5c1762a6bdea31ab9aae6f52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassNameW
GetForegroundWindow
CloseWindowStation
GetCursorPos
GetDlgItemTextW
PeekMessageW
GetClipboardData
CloseDesktop
SendMessageW
PeekMessageA
GetDlgItemTextA
FindWindowExW
ToUnicode
DispatchMessageW
OpenWindowStationA
OpenDesktopA
CharLowerBuffA
DrawIcon
GetMessageA
GetKeyboardState
LoadCursorW
GetMessageW
GetIconInfo
GetDlgItem
MsgWaitForMultipleObjects
GetKeyState
SetThreadDesktop
GetWindowTextW
SetProcessWindowStation
ExitWindowsEx
GetWindowLongW
GetWindowThreadProcessId
EndDialog

kernel32

lstrlenA
InitializeCriticalSection
DisconnectNamedPipe
MapViewOfFile
CreateEventW
lstrcpynW
GlobalLock
GetVersionExW
SetFileTime
GetModuleFileNameA
SetLastError
CreateFileMappingW
GetUserDefaultUILanguage
GetModuleFileNameW
GetTempPathW
GetLocalTime
GetCurrentThreadId
SetFileAttributesW
lstrlenW
GetSystemTimeAsFileTime
CreateThread
CreateFileW
DeleteFileW
GetProcessTimes
Sleep
HeapReAlloc
CloseHandle
WriteFile
GetModuleHandleA
UnmapViewOfFile
ReadFile
GetComputerNameW
FindFirstFileW
MoveFileExW
GetThreadPriority
GetSystemTime
GetFileSizeEx
GetTimeZoneInformation
lstrcatW
WideCharToMultiByte
HeapAlloc
ExpandEnvironmentStringsW
lstrcmpiW
SetEvent
GetCurrentProcessId
FindClose
lstrcpyW
SystemTimeToFileTime
OpenProcess
FindNextFileW
SetThreadPriority
SetFilePointer
GlobalUnlock
CreateProcessW
MultiByteToWideChar
HeapFree
GetTickCount
WriteProcessMemory

Sections

.qjuv
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ynutmd
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdcb
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccde968b5c1762a6bdea31ab9aae6f52

Headers

File Characteristics

Imports

user32

kernel32

Sections

.qjuv Size: 36KB - Virtual size: 56KB

.ynutmd Size: 2KB - Virtual size: 4KB

.cdcb Size: 7KB - Virtual size: 76KB

.qjuv
Size: 36KB - Virtual size: 56KB

.ynutmd
Size: 2KB - Virtual size: 4KB

.cdcb
Size: 7KB - Virtual size: 76KB