52ec64dcae7478cd369746621a2da38c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52ec64dcae7478cd369746621a2da38c_JaffaCakes118
Size

212KB
MD5

52ec64dcae7478cd369746621a2da38c
SHA1

7c5c1a8401e6f4d1c699241679825f3a488103dc
SHA256

77e03be3df6e7a25737803367df7be00806994fbe4286b1c2fd7db2ca0d134ce
SHA512

fe7fd578da21008bb5ab7fc0c1578ef705b75fae00e820d34b8cf27504fe8fb1bf403d4ff9fffbbef4f0eab2e19455180772c0ddb174a74a8c75b12681b2675b
SSDEEP

3072:EGSpAdK6cj0t+qoMO5epXDWe8NPPoFj635jPg:EfKcjxqRO4pXHi32j6J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
52ec64dcae7478cd369746621a2da38c_JaffaCakes118

Files

52ec64dcae7478cd369746621a2da38c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fb6804aacdbfc33a4c70d8ca5e98ee32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiClassNameFromGuidExW
SetupDiSetDeviceInstallParamsA

kernel32

GetSystemDefaultLCID
HeapCompact
GetModuleHandleA
SetFileBandwidthReservation
CreatePipe
GetSystemPowerStatus
UnlockFileEx
GetSystemTimes
SetProcessShutdownParameters
FillConsoleOutputCharacterW
CompareStringA
DecodePointer

msi

ord30

advapi32

SetPrivateObjectSecurity
QueryUsersOnEncryptedFile
ImpersonateNamedPipeClient

user32

BeginDeferWindowPos
ToUnicodeEx
CharPrevA
InsertMenuW
PtInRect
SendDlgItemMessageA
DrawIconEx
RealGetWindowClassW
LoadCursorFromFileA

rpcrt4

RpcBindingSetAuthInfoW

winmm

waveOutSetVolume
mmioWrite

mprapi

MprAdminInterfaceTransportRemove
MprConfigInterfaceTransportSetInfo
MprAdminInterfaceDisconnect

msvcrt

localeconv
iswascii

opengl32

glEvalMesh1

netapi32

NetApiBufferSize

shlwapi

UrlEscapeW
StrRChrIW

ole32

StgOpenStorageEx

gdi32

SetTextAlign
GetSystemPaletteEntries
StrokePath

wininet

CommitUrlCacheEntryW
GetUrlCacheEntryInfoExW
InternetReadFileExA

oleaut32

SafeArrayCopy

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb6804aacdbfc33a4c70d8ca5e98ee32

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

msi

advapi32

user32

rpcrt4

winmm

mprapi

msvcrt

opengl32

netapi32

shlwapi

ole32

gdi32

wininet

oleaut32

Sections

.text Size: 187KB - Virtual size: 187KB

.data Size: 18KB - Virtual size: 23KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 187KB - Virtual size: 187KB

.data
Size: 18KB - Virtual size: 23KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB