fd5991c708b013227b1f066c12f32c22_JaffaCakes118

General

Target

fd5991c708b013227b1f066c12f32c22_JaffaCakes118
Size

53KB
MD5

fd5991c708b013227b1f066c12f32c22
SHA1

87ff805948f883fe8c812396361cf36f5284d3e2
SHA256

34ef88cbfe61b2f557ada0fb5d4347d92aa1ada1a7f09def17eb58b55854afed
SHA512

5e65ead2c71bf839819c9a5c6c10d8ef55119d9b34de893a8afdda95d0555d1a87cbc86c643be1c106105d7f0c0fba0e226b73414cd6101b8df46bc0b7a34793
SSDEEP

1536:+A/nL2CAnelCEW9fCA4dJGRDzGsMrC+C0Up:HfLvIel5wfCzgVzCrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd5991c708b013227b1f066c12f32c22_JaffaCakes118

Files

fd5991c708b013227b1f066c12f32c22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b3806ac99f9511f95cad9d1cbe819bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
PeekMessageA
GetKeyboardState
OpenWindowStationA
ToUnicode
GetMessageA
GetMessageW
DispatchMessageW
GetWindowLongW
GetWindowTextW
GetDlgItem
DrawIcon
GetForegroundWindow
MsgWaitForMultipleObjects
GetDlgItemTextA
GetIconInfo
GetCursorPos
ExitWindowsEx
GetClipboardData
GetDlgItemTextW
SetThreadDesktop
OpenDesktopA
LoadCursorW
FindWindowExW
GetClassNameW
SetProcessWindowStation
SendMessageW
CloseWindowStation
GetKeyState
GetWindowThreadProcessId
CharLowerBuffA
PeekMessageW
CloseDesktop

kernel32

SetFilePointer
CreateFileMappingW
WaitForSingleObject
GetThreadPriority
GetCurrentProcessId
Sleep
OpenProcess
GetLocalTime
ResetEvent
SetLastError
GetVersionExW
GetFileSizeEx
FindFirstFileW
SetFileTime
GetProcessHeap
UnmapViewOfFile
GetModuleHandleA
HeapReAlloc
lstrcatW
ReleaseMutex
CreateDirectoryW
FindClose
GetCommandLineA
GetFileTime
CopyFileW
GetLogicalDrives
WideCharToMultiByte

Sections

.anefyp
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdazkl
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.turqn
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.khyx
Size: 25KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b3806ac99f9511f95cad9d1cbe819bd

Headers

File Characteristics

Imports

user32

kernel32

Sections

.anefyp Size: 18KB - Virtual size: 39KB

.mdazkl Size: 5KB - Virtual size: 10KB

.turqn Size: 1024B - Virtual size: 1KB

.khyx Size: 25KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.anefyp
Size: 18KB - Virtual size: 39KB

.mdazkl
Size: 5KB - Virtual size: 10KB

.turqn
Size: 1024B - Virtual size: 1KB

.khyx
Size: 25KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB