a52f9683b6b1f464d7e6039981122543_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a52f9683b6b1f464d7e6039981122543_JaffaCakes118
Size

588KB
MD5

a52f9683b6b1f464d7e6039981122543
SHA1

d89d4e3b14fccc995be2b7b814eb86eb8b75cde2
SHA256

389b7ea472ea2dac45ddc31fa56c9a47db74c1a45917a17e197495770f640486
SHA512

136905db78e9ef127e6f4bfcdc45a27437d74b169c52e7a9199840948e4da85be8af58dc770640206891dc838689de2103ca24955d515d729d4e3e82960d64b8
SSDEEP

12288:bRaArXSaVI0yAqxGcKyZDJGjVf9EhRQvS8djxz:bRajVxKSlGpf9EhRQqYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a52f9683b6b1f464d7e6039981122543_JaffaCakes118

Files

a52f9683b6b1f464d7e6039981122543_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e15cb8714661b12ed4aa45a403af163

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetObjectW
DeleteObject
GetCharABCWidthsFloatA
DeleteDC
CreateDCA
TextOutA
GetDIBColorTable

wininet

GetUrlCacheGroupAttributeA
FtpRemoveDirectoryW
InternetShowSecurityInfoByURLW
FindFirstUrlCacheGroup

user32

SetWinEventHook
GetUserObjectInformationW
ChangeDisplaySettingsExW
InvalidateRect
GetWindowPlacement
PostMessageW
RegisterClassExA
SendMessageA
SetClipboardData
RegisterClassA
SetWindowContextHelpId
CreateWindowStationA
SetFocus
OpenDesktopW
GetActiveWindow
SetMenuContextHelpId
WinHelpW
SetWindowsHookExA
GetDlgItemTextW
MonitorFromWindow
CreateIconFromResourceEx
RegisterClassW
GetMonitorInfoW
ShowWindow
CreateWindowExA
EnumDesktopWindows
RegisterClassExW
CharLowerW
GetWindow
GetClassInfoA
BroadcastSystemMessage
CreateCaret
DdeAbandonTransaction
MessageBoxW
DdeQueryNextServer
DlgDirListA
ClipCursor
GetDCEx
PaintDesktop
CreateAcceleratorTableA
GetMessagePos
GetClassNameA
DefWindowProcA
ReleaseDC
ReplyMessage
CreateWindowExW
OffsetRect
DestroyWindow
InsertMenuW
RegisterWindowMessageW
OpenDesktopA
EditWndProc
CallWindowProcW

comdlg32

ChooseFontW
ReplaceTextW
GetOpenFileNameW

advapi32

RegCloseKey
CryptGetDefaultProviderA
LookupPrivilegeDisplayNameW
LogonUserA
CryptSetKeyParam
AbortSystemShutdownA
RegQueryValueW
RegRestoreKeyA
RegSetKeySecurity
LookupPrivilegeNameW
LookupSecurityDescriptorPartsW
RegNotifyChangeKeyValue
RegQueryMultipleValuesW
RegQueryValueA

comctl32

ImageList_SetIconSize
ImageList_DragShowNolock
InitCommonControlsEx

kernel32

GetLocaleInfoA
GetEnvironmentStrings
HeapReAlloc
GetProfileSectionA
FreeEnvironmentStringsW
HeapSize
SystemTimeToTzSpecificLocalTime
LockFileEx
GetLastError
WriteFile
GetStartupInfoW
WideCharToMultiByte
DeleteFileW
FlushFileBuffers
SetStdHandle
TlsFree
CompareStringA
VirtualQuery
VirtualFree
TerminateProcess
SetHandleCount
Sleep
TlsGetValue
LoadModule
HeapCreate
CloseHandle
LocalFree
LeaveCriticalSection
LocalReAlloc
SetConsoleCP
LocalLock
SetLastError
EnumSystemLocalesA
GetSystemTimeAsFileTime
OpenWaitableTimerW
CompareStringW
VirtualAlloc
TlsAlloc
LCMapStringW
HeapFree
GlobalDeleteAtom
HeapAlloc
GetCurrentThreadId
GetModuleFileNameA
GetCurrentThread
OpenMutexA
SetUnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetConsoleCP
LCMapStringA
EnumCalendarInfoA
LoadLibraryA
IsValidLocale
GetStdHandle
DeleteCriticalSection
ExitProcess
SetEnvironmentVariableA
GetEnvironmentStringsW
GetUserDefaultLCID
InterlockedExchange
GetModuleHandleA
EnumTimeFormatsA
ExpandEnvironmentStringsW
HeapDestroy
GetStringTypeA
WriteConsoleW
GetOEMCP
UnhandledExceptionFilter
InitializeCriticalSection
GetACP
InterlockedIncrement
TlsSetValue
GetAtomNameW
OpenSemaphoreA
ReadFile
GetModuleFileNameW
WriteConsoleA
GetNumberFormatA
FreeLibrary
CreateProcessA
CreateMutexA
GetProcAddress
GetCurrentProcess
GetCommandLineA
SetFilePointer
GetDateFormatA
IsValidCodePage
GetStartupInfoA
CreatePipe
MultiByteToWideChar
EnterCriticalSection
IsDebuggerPresent
GetStringTypeW
GlobalCompact
GetCurrentProcessId
GetConsoleMode
CreateFileA
GetLocaleInfoW
GetTickCount
SetConsoleCtrlHandler
GetTimeZoneInformation
FreeEnvironmentStringsA
GetFileType
GetConsoleOutputCP
ContinueDebugEvent
SetLocalTime
GetTimeFormatA
ResumeThread
GetVersionExA
InterlockedDecrement
GetCommandLineW
QueryPerformanceCounter
GetProcessHeap

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e15cb8714661b12ed4aa45a403af163

Headers

File Characteristics

Imports

gdi32

wininet

user32

comdlg32

advapi32

comctl32

kernel32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 254KB - Virtual size: 253KB

.data Size: 114KB - Virtual size: 128KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 254KB - Virtual size: 253KB

.data
Size: 114KB - Virtual size: 128KB

.rsrc
Size: 10KB - Virtual size: 10KB