a5a14739d84bcfb3acb6f122873fd6e2_JaffaCakes118

General

Target

a5a14739d84bcfb3acb6f122873fd6e2_JaffaCakes118
Size

540KB
MD5

a5a14739d84bcfb3acb6f122873fd6e2
SHA1

5b5024bc9e63107bf11bc543e8cdcaa278bc0dd9
SHA256

effb640498e17c3caf0175316d071595985cd6ec88591874ad29a7bda1cf6a1f
SHA512

142c424e490de38f4a49384d26aa545d5b61436bdc8016b38eeb5fe7961ad0e156f9567cff4c0cbc8ba329fc457e55afb900723bb196e4b8de6f0908cecb565a
SSDEEP

12288:by6uUxLrmD4iBEsj6xom5Empl8bAG5N6eB:by6uU1iDEdx8d55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5a14739d84bcfb3acb6f122873fd6e2_JaffaCakes118

Files

a5a14739d84bcfb3acb6f122873fd6e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab71280d246e91a3ae5dfae84f2097b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
CreateThread
GetCurrentThreadId
lstrcatW
GetLastError
FindFirstFileW
GetLocalTime
MoveFileExW
GetModuleHandleA
MapViewOfFile
HeapReAlloc
CloseHandle
WriteProcessMemory
lstrcpynW
IsBadReadPtr
GetCurrentProcessId
GetTempPathW
GetThreadPriority
FlushFileBuffers
GlobalUnlock
GetTimeZoneInformation
SetFileTime
SetThreadPriority
GetCommandLineA
GetTempFileNameW
GetDriveTypeW
Sleep
SetFileAttributesW
UnmapViewOfFile
lstrcmpiA
CreateEventW
GetComputerNameW
HeapFree
WideCharToMultiByte
HeapAlloc
CreateDirectoryW
CreateFileW
ExpandEnvironmentStringsW
lstrlenA
DisconnectNamedPipe
GetProcessTimes
InitializeCriticalSection
CreateMutexW
CreateFileMappingW
ReleaseMutex
lstrcmpiW
GlobalLock
GetSystemTimeAsFileTime
GetLogicalDrives
GetExitCodeProcess
OpenMutexW
WriteFile
MultiByteToWideChar
GetProcessHeap
FindNextFileW
SetEndOfFile
GetUserDefaultUILanguage
SetFilePointer
ResetEvent
SetLastError
GetSystemTime
EnterCriticalSection
WaitForSingleObject
OpenProcess
lstrcatA
FindClose
LeaveCriticalSection
lstrcpyA
GetModuleFileNameA
GetVersionExW
CreateProcessW
ReadFile
GetTickCount
lstrlenW
FindResourceW
GetFileTime
lstrcpyW
GetFileSize
SystemTimeToFileTime
SetEvent
CopyFileW
DeleteFileW
GetModuleFileNameW

user32

CloseDesktop
ExitWindowsEx
GetKeyboardState
GetDlgItemTextW
DispatchMessageW
LoadCursorW
GetWindowLongW
CloseWindowStation

Sections

.ozkx
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmt
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lwx
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab71280d246e91a3ae5dfae84f2097b9

Headers

File Characteristics

Imports

kernel32

user32

Sections

.ozkx Size: 39KB - Virtual size: 61KB

.svmt Size: 2KB - Virtual size: 5KB

.lwx Size: 7KB - Virtual size: 80KB

.ozkx
Size: 39KB - Virtual size: 61KB

.svmt
Size: 2KB - Virtual size: 5KB

.lwx
Size: 7KB - Virtual size: 80KB