d52157781b92e538d130c38bb479b1f9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d52157781b92e538d130c38bb479b1f9_JaffaCakes118
Size

138KB
MD5

d52157781b92e538d130c38bb479b1f9
SHA1

ba8a1260531bd8d8e05a316ca01b8a1a436e5171
SHA256

7bc968d8bd559f8c4db98c1896e9fadbd6af884281f9427e19562d051991a388
SHA512

005ac5aed0464dafcd4d86d6b76ee0198ba5671783572fe2dea0fb5988f395ed7df2a3ff0c61f5964f5b716351a6d5a5bfa125d89c3965df41b7c4202caebd39
SSDEEP

3072:OJ60uNijuZpz9pY5tzwLoEwAxdaUi39RYvhmVOio0SahMHeAogwC:OJjjujjHM3AXdeHLOCSahMHeAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d52157781b92e538d130c38bb479b1f9_JaffaCakes118

Files

d52157781b92e538d130c38bb479b1f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cffc558119167bc7ba956f765b61c508

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawEx
ImageList_EndDrag
ImageList_DragMove
ImageList_GetBkColor
InitCommonControls
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Draw

oleaut32

SafeArrayGetUBound
SysAllocStringByteLen
SysReAllocStringLen
VariantInit
VariantCopy
GetErrorInfo
SafeArrayGetElement

kernel32

CreateFileW
TerminateThread
CloseHandle
FreeLibrary
MoveFileA
GetModuleHandleA
lstrlenW
TerminateProcess
UnmapViewOfFile
GetSystemInfo
GetStdHandle
FlushFileBuffers
VirtualQueryEx
GetCommandLineW
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
CreateFileMappingA
Sleep
FindResourceA
GlobalFree
GetCurrentThreadId
HeapAlloc
MapViewOfFileEx
CreateFileA
ExitThread
MulDiv
SetFilePointer
WaitForMultipleObjects
GlobalLock
GetVersionExA
FindFirstFileA
SetLastError
LocalAlloc

user32

InsertMenuA
PostThreadMessageA
GetMessageA
PeekMessageA
CreateCaret
GetWindowPlacement
SetRectEmpty
CreateWindowExA
DeleteMenu
LoadIconA
CharUpperA
IsDialogMessageA
CreatePopupMenu
WaitMessage
GetParent
EmptyClipboard
DrawFocusRect
UnpackDDElParam
CharLowerBuffA
BeginPaint
GetMessageTime
IsWindowUnicode
GetWindow
GetMessagePos
GetCursorPos
PostMessageW
ScreenToClient
IntersectRect
FrameRect
SetTimer
ReuseDDElParam
SetWindowPos
ScrollDC
OemToCharA
CharNextA
CharUpperW
OpenClipboard

gdi32

GetEnhMetaFileHeader
OffsetClipRgn
CloseEnhMetaFile
SetBkMode
CreateRectRgn
SetPixel
Polygon
GetBkColor
GetStockObject
OffsetRgn
CopyEnhMetaFileA
CreatePenIndirect
SetTextColor
UnrealizeObject
CreateFontIndirectA
SaveDC
CreateSolidBrush
SelectClipRgn
DeleteEnhMetaFile

shell32

ShellExecuteExA
DragAcceptFiles

ole32

RegisterDragDrop
OleGetClipboard
CoUninitialize

wininet

InternetConnectA
InternetGoOnline
HttpSendRequestA
HttpQueryInfoA
InternetWriteFile

dpmol_hp

_FRteps
_LDtest
_Getcoll
_FXbig
_FDnorm
_Xbig
_LDscale
_LRteps
_Snan

advapi32

RegEnumValueA
RegFlushKey
SetSecurityDescriptorDacl

version

GetFileVersionInfoA

urlmon

CoInternetCreateZoneManager

imm32

ImmGetCompositionStringA

comdlg32

FindTextA

Sections

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cffc558119167bc7ba956f765b61c508

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

oleaut32

kernel32

user32

gdi32

shell32

ole32

wininet

dpmol_hp

advapi32

version

urlmon

imm32

comdlg32

Sections

.text Size: 114KB - Virtual size: 116KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 17KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 114KB - Virtual size: 116KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB