967cd7a4a9dd46ada0bf37509aae885c_JaffaCakes118

General

Target

967cd7a4a9dd46ada0bf37509aae885c_JaffaCakes118
Size

46KB
MD5

967cd7a4a9dd46ada0bf37509aae885c
SHA1

c44841e18cd1c30874d42d10e08b86ce5a5ad953
SHA256

78dac19b17723f54ed2d30c72a399abfc7a29298b431b05f9164ae8dc422d3a1
SHA512

c9f1e56a63f60a8b9c9da1ab0e80aedf91a57ae1da0143cba8592626017fc6ccab9ccd631d9d38304a80a781bd2a9deb5254036e02904971bae9db485e8332df
SSDEEP

768:/YilPdiMc7IM/g9jeozNQI91iPyRyo5HWMbwOQS2wDMWGretKOfMqd8ig9/nHd8e:waI0MY9jxzNn1CPOQ8Cr4KQbd8imq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
967cd7a4a9dd46ada0bf37509aae885c_JaffaCakes118

Files

967cd7a4a9dd46ada0bf37509aae885c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0659aa44d5ffd4a93c17e804c305fd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptCreateHash
CryptReleaseContext
DuplicateTokenEx
RegQueryValueExW
CryptGetHashParam
RegDeleteValueW

user32

GetWindowLongW
ExitWindowsEx
GetIconInfo
MsgWaitForMultipleObjects
PeekMessageA
GetDlgItemTextA
GetDlgItem
CloseWindowStation
OpenWindowStationA
PeekMessageW
ToUnicode
GetCursorPos
EndDialog
FindWindowExW
LoadCursorW
SetProcessWindowStation
CloseDesktop
GetKeyState
GetWindowThreadProcessId
CharLowerBuffA
GetDlgItemTextW
GetWindowTextW
OpenDesktopA
SetThreadDesktop
DispatchMessageW
SendMessageW
GetKeyboardState
DrawIcon
GetClassNameW
GetForegroundWindow
GetMessageW
GetMessageA
GetClipboardData

kernel32

DisconnectNamedPipe
ReleaseMutex
GetUserDefaultUILanguage
GetThreadPriority
WaitForSingleObject
GetTimeZoneInformation
GetComputerNameW
MapViewOfFile
HeapReAlloc
MultiByteToWideChar
SetEndOfFile
ExpandEnvironmentStringsW
GlobalUnlock
FindClose
SetThreadPriority
HeapAlloc
lstrcmpiA
GetCommandLineA
HeapFree
CopyFileW
GetFileTime
SetFilePointer
lstrcpynW
CreateEventW
lstrlenA
FindFirstFileW
FlushFileBuffers
SetLastError
SetFileAttributesW
GetLocalTime
GetModuleFileNameW
UnmapViewOfFile
CloseHandle
DeleteFileW
GetDriveTypeW
lstrcpyA
GetTempPathW

shlwapi

PathFindFileNameW
PathCombineW
wvnsprintfA
wnsprintfW
StrCmpNIW
SHDeleteKeyA
StrStrW
PathMatchSpecW
PathFileExistsW
wnsprintfA
StrCmpNIA
wvnsprintfW
PathRemoveFileSpecW

Sections

.fepkt
Size: 37KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ebylox
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kzwtcf
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0659aa44d5ffd4a93c17e804c305fd9

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shlwapi

Sections

.fepkt Size: 37KB - Virtual size: 56KB

.ebylox Size: 1024B - Virtual size: 4KB

.kzwtcf Size: 7KB - Virtual size: 76KB

.fepkt
Size: 37KB - Virtual size: 56KB

.ebylox
Size: 1024B - Virtual size: 4KB

.kzwtcf
Size: 7KB - Virtual size: 76KB