cf38768c41f7f518386b6a1c72c34fab_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf38768c41f7f518386b6a1c72c34fab_JaffaCakes118
Size

53KB
MD5

cf38768c41f7f518386b6a1c72c34fab
SHA1

3e14e67988af97bf81b3d3e5fced5f11bda46674
SHA256

399fc3b636027fd5b1d478fa0031226df7285438a20de23bd4d5b5a9832cfca7
SHA512

8d677fb8ab0c35606cfadc8d29544e225a908bc50aba0180e187f4f7645656f10d1f36462d0a4ef0d975b59d689c93df377a0d683a9013b3e4b2bfa6b3a629ff
SSDEEP

768:I1zuVnuiyMN0b5ocCH7+oxuUIS7acYzMoDQrugSsabBd7YJyKo5huioofj2BxZp7:4z+uiyMq1oc2XL7QzM4QrgsaMYB50ib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf38768c41f7f518386b6a1c72c34fab_JaffaCakes118

Files

cf38768c41f7f518386b6a1c72c34fab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3ec2c73b1659b8f009482f0d48fb2c88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerBuffA
GetWindowLongW
DrawIcon
ExitWindowsEx
ToUnicode
GetDlgItem
GetIconInfo
EndDialog
SetProcessWindowStation
CloseDesktop
SetThreadDesktop
GetMessageW
GetDlgItemTextW
MsgWaitForMultipleObjects
GetWindowTextW
GetCursorPos
OpenWindowStationA
GetClassNameW
GetClipboardData
DispatchMessageW
OpenDesktopA
GetKeyState
GetKeyboardState
GetForegroundWindow
PeekMessageA
SendMessageW
GetWindowThreadProcessId
CloseWindowStation
FindWindowExW
GetDlgItemTextA
GetMessageA
PeekMessageW
LoadCursorW

kernel32

HeapAlloc
lstrcmpiW
GetSystemTime
WaitForSingleObject
Sleep
CreateFileW
lstrlenW
GetLastError
GetCurrentThreadId
GetModuleHandleA
GetTempFileNameW
FindClose
GetCommandLineA
GetCurrentProcessId
CreateDirectoryW
WriteProcessMemory
SetEndOfFile
GetModuleFileNameA
HeapFree
GetTickCount
GetExitCodeProcess
lstrcpynW
SetLastError
MoveFileExW
GetDriveTypeW
CreateMutexW
lstrcpyA
CreateThread
GetModuleFileNameW
GetLogicalDrives
WriteFile
CreateProcessW
GetTempPathW
ReadFile
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
GlobalLock
GetVersionExW
FindFirstFileW
GetProcessTimes
HeapReAlloc
SetEvent
GetFileTime
MapViewOfFile
ReleaseMutex
GetLocalTime
GetThreadPriority
UnmapViewOfFile
MultiByteToWideChar
SetFilePointer
SetFileAttributesW
DeleteFileW
lstrlenA
SetFileTime
CopyFileW
GetUserDefaultUILanguage

Sections

.hev
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.folqj
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fwvgp
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ilwrmp
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ec2c73b1659b8f009482f0d48fb2c88

Headers

File Characteristics

Imports

user32

kernel32

Sections

.hev Size: 18KB - Virtual size: 39KB

.folqj Size: 5KB - Virtual size: 10KB

.fwvgp Size: 1024B - Virtual size: 1KB

.ilwrmp Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.hev
Size: 18KB - Virtual size: 39KB

.folqj
Size: 5KB - Virtual size: 10KB

.fwvgp
Size: 1024B - Virtual size: 1KB

.ilwrmp
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB