dd06082287b1a0cfce368ce0558dd740_JaffaCakes118

General

Target

dd06082287b1a0cfce368ce0558dd740_JaffaCakes118
Size

46KB
MD5

dd06082287b1a0cfce368ce0558dd740
SHA1

db546f43f0468bb0f88bbb9f02eebaa12ff478ab
SHA256

c9fc46e506c04af5cf3432bbf3066ff22d07d8b72c4a6f9d634f65814bd8d760
SHA512

a63f9634116a13c2dd3349bce51766160e12dcb76ed84f9c4b324aded05a750f02566668f93e72a961fb6a468c80ad55273d9f8be3cff5c58e1d91995df63b2a
SSDEEP

768:Y+gofZsxqZQnwqOj+nur6YRSnwn2RRYsFE7qbtsDkc9LHBs8PTgnwkdSmXLH:k0sMZ6rQ+nur6YRS6LCmqhslNHLgwkQm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd06082287b1a0cfce368ce0558dd740_JaffaCakes118

Files

dd06082287b1a0cfce368ce0558dd740_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9843e070c6bebc3979beae599d7e3712

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorPos
GetKeyboardState
PeekMessageW
OpenWindowStationA
GetMessageA
GetForegroundWindow
GetDlgItemTextW
CloseDesktop
CloseWindowStation
GetDlgItem
MsgWaitForMultipleObjects
GetIconInfo
GetMessageW
CharLowerBuffA
SetProcessWindowStation
SendMessageW
DispatchMessageW
EndDialog
OpenDesktopA
GetDlgItemTextA
LoadCursorW
GetWindowThreadProcessId
GetWindowTextW
SetThreadDesktop
GetKeyState
GetClipboardData
FindWindowExW
GetWindowLongW
GetClassNameW
DrawIcon
PeekMessageA
ToUnicode
ExitWindowsEx

kernel32

SetEvent
HeapReAlloc
SystemTimeToFileTime
lstrlenW
HeapAlloc
GlobalUnlock
HeapFree
WideCharToMultiByte
OpenMutexW
MultiByteToWideChar
GetLocalTime
CreateDirectoryW
FindClose
lstrcmpiW
ExpandEnvironmentStringsW
Sleep
ReadFile
GlobalLock
lstrcatW
LeaveCriticalSection
GetCommandLineA
FindFirstFileW
SetFileTime
GetSystemTime
IsBadReadPtr
GetCurrentThreadId
MapViewOfFile
GetCurrentProcessId
lstrcpyW
ReleaseMutex
WaitForSingleObject
InitializeCriticalSection
GetComputerNameW
GetVersionExW
CreateFileMappingW
GetLogicalDrives
WriteFile
MoveFileExW
WriteProcessMemory
lstrcpyA
GetProcessTimes
SetThreadPriority
CreateMutexW
GetFileSizeEx
FindNextFileW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetExitCodeProcess
CreateThread
GetFileTime
CreateFileW
CloseHandle
GetModuleHandleA
GetProcessHeap
GetLastError
GetDriveTypeW
CopyFileW

Sections

.wpod
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yjcv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vip
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9843e070c6bebc3979beae599d7e3712

Headers

File Characteristics

Imports

user32

kernel32

Sections

.wpod Size: 36KB - Virtual size: 56KB

.yjcv Size: 2KB - Virtual size: 4KB

.vip Size: 7KB - Virtual size: 76KB

.wpod
Size: 36KB - Virtual size: 56KB

.yjcv
Size: 2KB - Virtual size: 4KB

.vip
Size: 7KB - Virtual size: 76KB