cfa5c7859ee0664844a9bd6baba3ffa7_JaffaCakes118

General

Target

cfa5c7859ee0664844a9bd6baba3ffa7_JaffaCakes118
Size

49KB
MD5

cfa5c7859ee0664844a9bd6baba3ffa7
SHA1

d5aa70375e2f0565ce3cb2c48f9ae152a6d2c30d
SHA256

151b7d66834330ecb7e8b1b0ff1210222ae6c846a6d59c2f4959cac4a30f614c
SHA512

ec482dd68616686679096a98fce97d51f559416120ac21345c80fd9926856188898e09a4027bf93734d68dc6e9e1e65f992abed4cf61eb51d4957479fde9f49f
SSDEEP

1536:JWjr91ldrdaaM5lymAy6l4QITmvCMZjsV:gjrHzfMDymz6l4uvCQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa5c7859ee0664844a9bd6baba3ffa7_JaffaCakes118

Files

cfa5c7859ee0664844a9bd6baba3ffa7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cfc2005472aa5e4dfcd0077cd709defc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
FindClose
lstrcpyA
FindResourceW
GetTimeZoneInformation
lstrcmpiW
GetFileSizeEx
LeaveCriticalSection
CreateThread
CreateDirectoryW
lstrcmpiA
ReleaseMutex
SetFileAttributesW
lstrlenW
MapViewOfFile
DisconnectNamedPipe
GetLastError
WriteProcessMemory
HeapAlloc
GetLogicalDrives
WriteFile
GetComputerNameW
GetFileTime
GetCurrentThreadId
GlobalLock
SetEvent
GetVersionExW
lstrcpynW
FindNextFileW
SetEndOfFile
MoveFileExW
GetModuleFileNameA
SetLastError
MultiByteToWideChar
CreateFileW
ReadFile
GetLocalTime
CloseHandle
SetFileTime
lstrlenA
CreateProcessW
WaitForSingleObject
GetCommandLineA
FindFirstFileW
EnterCriticalSection
InitializeCriticalSection
GetSystemTime
lstrcpyW
GetModuleFileNameW
GetSystemTimeAsFileTime
ResetEvent
FlushFileBuffers
CreateFileMappingW
HeapReAlloc
GetTempFileNameW
GetFileSize
GetProcessHeap
SetFilePointer
CreateMutexW
CopyFileW
GetTickCount
GetUserDefaultUILanguage
GetCurrentProcessId
GlobalUnlock
OpenProcess
DeleteFileW
ExpandEnvironmentStringsW
GetProcessTimes
CreateEventW
OpenMutexW
GetTempPathW
HeapFree
lstrcatA
IsBadReadPtr
Sleep
SetThreadPriority
lstrcatW
GetDriveTypeW
GetThreadPriority
UnmapViewOfFile
SystemTimeToFileTime
GetExitCodeProcess
GetModuleHandleA

user32

PeekMessageW
CloseWindowStation
DispatchMessageW
GetDlgItemTextA
PeekMessageA
FindWindowExW
CharLowerBuffA

Sections

.cvgd
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oncz
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mhav
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfc2005472aa5e4dfcd0077cd709defc

Headers

File Characteristics

Imports

kernel32

user32

Sections

.cvgd Size: 39KB - Virtual size: 61KB

.oncz Size: 2KB - Virtual size: 5KB

.mhav Size: 7KB - Virtual size: 80KB

.cvgd
Size: 39KB - Virtual size: 61KB

.oncz
Size: 2KB - Virtual size: 5KB

.mhav
Size: 7KB - Virtual size: 80KB