b6842d9e30cc73bbcc1439e6d14cf040_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6842d9e30cc73bbcc1439e6d14cf040_JaffaCakes118
Size

53KB
MD5

b6842d9e30cc73bbcc1439e6d14cf040
SHA1

5e16fb43f94fd2cd19f739e8b8bc889fb8fcc210
SHA256

4a6e2d5833dd39d2111f0634aaa38faa97a8e38235df865813d716dac5cf30c9
SHA512

67705e3ca5907ed50f462c9591c986438a7e5df3d2b2efeaa48cf712e7c0f4bb116fe8f76c7b841522e12b13d70c0a08a67854151cae93dbc383bbfac21baba6
SSDEEP

1536:77Lh0Wx403QV3Xbr7ph2L++uYBQ6majf:7/Jx4/VnXbYuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6842d9e30cc73bbcc1439e6d14cf040_JaffaCakes118

Files

b6842d9e30cc73bbcc1439e6d14cf040_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c68c240f8f656517711f2d49860ddf00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
ExitWindowsEx
GetForegroundWindow
GetDlgItem
PeekMessageA
GetMessageW
ToUnicode
GetDlgItemTextW
SetProcessWindowStation
OpenDesktopA
CharLowerBuffA
CloseWindowStation
GetClipboardData
GetIconInfo
CloseDesktop
GetMessageA
DrawIcon
EndDialog
GetWindowLongW
GetDlgItemTextA
GetClassNameW
MsgWaitForMultipleObjects
SendMessageW
GetKeyState
GetCursorPos
GetKeyboardState
LoadCursorW
SetThreadDesktop
FindWindowExW
GetWindowTextW
PeekMessageW
OpenWindowStationA
DispatchMessageW

kernel32

GetVersionExW
GetProcessTimes
CreateThread
CreateProcessW
GetUserDefaultUILanguage
FindResourceW
Sleep
MoveFileExW
EnterCriticalSection
SetFilePointer
lstrlenA
WriteProcessMemory
GetLogicalDrives
GetCurrentThreadId
CreateFileW
DeleteFileW
FindNextFileW
CreateDirectoryW
ResetEvent
CloseHandle
OpenProcess
GetModuleFileNameW
lstrlenW
UnmapViewOfFile
SetEvent
GlobalLock
WideCharToMultiByte
CopyFileW
GetCommandLineA
lstrcmpiA
CreateEventW
GetFileTime
lstrcpynW
GetComputerNameW
CreateFileMappingW
ExpandEnvironmentStringsW
WaitForSingleObject
ReleaseMutex
GetExitCodeProcess
LeaveCriticalSection
GetCurrentProcessId
lstrcpyA
lstrcpyW
lstrcmpiW
lstrcatA
InitializeCriticalSection
HeapReAlloc
FindFirstFileW
WriteFile
SetLastError
CreateMutexW
GetLocalTime
FindClose
MapViewOfFile
GetModuleFileNameA
HeapFree
SystemTimeToFileTime

Sections

.fsx
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xkvgh
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pyp
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.opgr
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c68c240f8f656517711f2d49860ddf00

Headers

File Characteristics

Imports

user32

kernel32

Sections

.fsx Size: 18KB - Virtual size: 39KB

.xkvgh Size: 5KB - Virtual size: 10KB

.pyp Size: 1024B - Virtual size: 1KB

.opgr Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.fsx
Size: 18KB - Virtual size: 39KB

.xkvgh
Size: 5KB - Virtual size: 10KB

.pyp
Size: 1024B - Virtual size: 1KB

.opgr
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB