dee0635d9a95ca808c837e45114d0ee7_JaffaCakes118

General

Target

dee0635d9a95ca808c837e45114d0ee7_JaffaCakes118
Size

46KB
MD5

dee0635d9a95ca808c837e45114d0ee7
SHA1

8e739ca364aa60c01f487ae5d33d2566c879d913
SHA256

848c4b0ff31c9469a7ad9352b5a0a3cc59fffd300c58985a8bfbe8adfc85f9a5
SHA512

f2c0730c8eaa3b7ccff1f8d02da9799132d3e7c24fd195419520cab61239163e47d5911595334b8bdb6dfff47b629def27f10cca9928124a4534b6cc4cbeb5bc
SSDEEP

768:p6YDjbJN7OoJa1J13H2KQvNYkT5OJFaps3iO5MSfHOJPmW/WajA+euBZV0AcUQU:Q6T7O0aHdWFe+5O7a6b5fWlmW/WajrZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee0635d9a95ca808c837e45114d0ee7_JaffaCakes118

Files

dee0635d9a95ca808c837e45114d0ee7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

205d0d2da6c2f95a6470042b5ad76132

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenWindowStationA
MsgWaitForMultipleObjects
SetThreadDesktop
GetDlgItemTextA
OpenDesktopA
GetMessageW
GetMessageA
CloseDesktop
CharLowerBuffA
LoadCursorW
PeekMessageW
GetIconInfo
SendMessageW
GetKeyState
GetDlgItem
GetClipboardData
DispatchMessageW
SetProcessWindowStation
PeekMessageA
CloseWindowStation
GetWindowThreadProcessId
DrawIcon
FindWindowExW
ToUnicode
ExitWindowsEx
GetCursorPos
GetForegroundWindow
GetKeyboardState
EndDialog
GetWindowLongW
GetDlgItemTextW
GetClassNameW
GetWindowTextW

kernel32

ResetEvent
DeleteFileW
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
lstrcpynW
MultiByteToWideChar
GetCommandLineA
HeapAlloc
GetThreadPriority
lstrlenA
GetProcessHeap
FindClose
UnmapViewOfFile
GetFileSize
CreateFileMappingW
OpenMutexW
GetFileTime
WideCharToMultiByte
FindNextFileW
GetModuleFileNameA
lstrlenW
FindResourceW
IsBadReadPtr
GetFileSizeEx
lstrcpyA
lstrcmpiW
MoveFileExW
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetLastError
CreateProcessW
GetTickCount
GetLocalTime
Sleep
OpenProcess
ExpandEnvironmentStringsW
GetCurrentProcessId
SetFileTime
FindFirstFileW
SetEndOfFile
WriteProcessMemory
GlobalUnlock
CreateEventW
GetTempPathW
GetModuleHandleA
GetProcessTimes
SystemTimeToFileTime
GetComputerNameW
CreateDirectoryW
ReadFile
SetFileAttributesW
CreateThread
CloseHandle
lstrcmpiA
lstrcatA

Sections

.rwp
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bezaj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dwrcr
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

205d0d2da6c2f95a6470042b5ad76132

Headers

File Characteristics

Imports

user32

kernel32

Sections

.rwp Size: 36KB - Virtual size: 56KB

.bezaj Size: 2KB - Virtual size: 4KB

.dwrcr Size: 7KB - Virtual size: 76KB

.rwp
Size: 36KB - Virtual size: 56KB

.bezaj
Size: 2KB - Virtual size: 4KB

.dwrcr
Size: 7KB - Virtual size: 76KB