bf7dee3fb92f5aed7eab321fc5bdb4cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf7dee3fb92f5aed7eab321fc5bdb4cb_JaffaCakes118
Size

850KB
MD5

bf7dee3fb92f5aed7eab321fc5bdb4cb
SHA1

957d9588d27e6f10f2ce2cdb8b0e5dd544411724
SHA256

27cee09b7c36a278d66fb58e262183741096b809f30bddebbc105992d34a655d
SHA512

7d0fe1ad64d80161be4051bc1f1472ac5b1cede1e803977e6e51c5b9fdd02e5c0638bf11785e6f7a2b8ed8b1cc9b68fa901fd243db1650fb625287176daa6694
SSDEEP

24576:giyidxRo0AUvprsCNwMCw2RgTWm1CE6RoGz67:zyidZAWr3DT27sdy67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7dee3fb92f5aed7eab321fc5bdb4cb_JaffaCakes118

Files

bf7dee3fb92f5aed7eab321fc5bdb4cb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

006ff9aa45327eadf01d1c9b5cf3bcf0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetProcessWindowStation
GetDlgItemTextA
PeekMessageA
GetWindowTextW
ToUnicode
SetThreadDesktop
FindWindowExW
GetCursorPos
GetKeyState
GetClassNameW
DispatchMessageW
OpenWindowStationA
CharLowerBuffA
CloseWindowStation
CloseDesktop
EndDialog
OpenDesktopA
GetClipboardData
GetMessageW
GetDlgItem
DrawIcon
SendMessageW
MsgWaitForMultipleObjects
GetDlgItemTextW
GetForegroundWindow
GetWindowLongW
GetKeyboardState
GetMessageA
PeekMessageW
ExitWindowsEx
GetIconInfo
GetWindowThreadProcessId
LoadCursorW

kernel32

GetTimeZoneInformation
GetFileTime
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
CreateEventW
lstrcatW
GetVersionExW
GlobalLock
FindNextFileW
GetFileSizeEx
LeaveCriticalSection
DeleteFileW
OpenProcess
SetEndOfFile
SetLastError
EnterCriticalSection
CopyFileW
GetModuleFileNameW
DisconnectNamedPipe
CreateFileW
MapViewOfFile
GetLogicalDrives
IsBadReadPtr
HeapFree
InitializeCriticalSection
GlobalUnlock

Sections

.zav
Size: 632KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ulct
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xylsp
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reder
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pmf
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lil
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tsh
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.azwx
Size: 47KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ofwt
Size: 122KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006ff9aa45327eadf01d1c9b5cf3bcf0

Headers

File Characteristics

Imports

user32

kernel32

Sections

.zav Size: 632KB - Virtual size: 1.3MB

.ulct Size: 5KB - Virtual size: 5KB

.xylsp Size: 18KB - Virtual size: 26KB

.reder Size: 512B - Virtual size: 20KB

.pmf Size: 5KB - Virtual size: 15KB

.lil Size: - Virtual size: 56B

.tsh Size: 512B - Virtual size: 24B

.azwx Size: 47KB - Virtual size: 76KB

.ofwt Size: 122KB - Virtual size: 1.6MB

.rsrc Size: 18KB - Virtual size: 20KB

.zav
Size: 632KB - Virtual size: 1.3MB

.ulct
Size: 5KB - Virtual size: 5KB

.xylsp
Size: 18KB - Virtual size: 26KB

.reder
Size: 512B - Virtual size: 20KB

.pmf
Size: 5KB - Virtual size: 15KB

.lil
Size: - Virtual size: 56B

.tsh
Size: 512B - Virtual size: 24B

.azwx
Size: 47KB - Virtual size: 76KB

.ofwt
Size: 122KB - Virtual size: 1.6MB

.rsrc
Size: 18KB - Virtual size: 20KB