252a23a4833511c2ab6c921c904ac20f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

252a23a4833511c2ab6c921c904ac20f_JaffaCakes118
Size

177KB
MD5

252a23a4833511c2ab6c921c904ac20f
SHA1

c553ef40a073e45e0494681be3d652ecc30af3f7
SHA256

77410446f57cc9f874b18cd6b13a3d12d24b2b8c532dcdbcd4f764e9bd8a89c6
SHA512

9b695a3ab80a742550a16c2af54662a3caf70f1bee9e00b0c115118f9fdbbf91f7ec3cf5fba1e38b1406c941fc2ca9feee063c68996022b390af8a85ba24dd4e
SSDEEP

3072:m3SHveNA6XMyfs6wLHUw3flQl9R5vMl4ROxO7XGU8BMz1KdZoFSIzZ9EnAb5a4kZ:GqqMmi0w3fliDlxRODU8BGaUZ9P0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
252a23a4833511c2ab6c921c904ac20f_JaffaCakes118

Files

252a23a4833511c2ab6c921c904ac20f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a8e32740e098c7af8ede8dfcecb5bce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

wvsprintfA
MonitorFromWindow
CreateWindowExA
DispatchMessageA
LoadStringA
CopyRect
PeekMessageA
GetMessageA
MsgWaitForMultipleObjects
wsprintfA
PostThreadMessageA
GetQueueStatus
RegisterWindowMessageA
RegisterClassA
DestroyWindow

kernel32

CreateSemaphoreA
MultiByteToWideChar
LoadResource
ResetEvent
InterlockedDecrement
GetProcAddress
IsBadReadPtr
DeleteCriticalSection
GetModuleFileNameA
GetTapeParameters
TerminateThread
GetSystemInfo
GetCurrentThreadId
VirtualFree
CreateThread
GetProcessHeap
GetLastError
ClearCommError
SetThreadPriority
FreeLibrary
GetVersionExA
LoadLibraryA
FindResourceA
SetEvent
CloseHandle
EnumResourceNamesA
LocalFree
HeapFree
GetSystemTime
GetCurrentProcessId
InterlockedIncrement
DisableThreadLibraryCalls
ReleaseSemaphore
GetExitCodeThread
WaitForMultipleObjects
EnterCriticalSection
WideCharToMultiByte
GlobalAlloc
Sleep
LockResource
WaitForSingleObject
LeaveCriticalSection
GetTickCount
GetThreadPriority
GetSystemTimeAsFileTime
ResumeThread
lstrlenA
FatalExit
CreateMutexA
ReleaseMutex
InitializeCriticalSection
CreateFileW
QueryPerformanceCounter
LoadLibraryW
IsBadWritePtr
GetModuleFileNameW
GetCurrentThread
GetACP
VirtualAlloc
CreateEventA
ExitProcess

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegSetValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegEnumKeyExA

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

timeBeginPeriod
timeGetDevCaps
timeGetTime
timeEndPeriod

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CLSIDFromString
CreateItemMoniker
CoInitializeEx
CoRevokeClassObject
CoCreateInstance
StringFromGUID2
CoRegisterClassObject
StringFromCLSID
CoTaskMemFree
CoFreeUnusedLibraries
CreateStreamOnHGlobal
GetRunningObjectTable
CoUninitialize
CoTaskMemAlloc

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a8e32740e098c7af8ede8dfcecb5bce

Headers

File Characteristics

Imports

user32

kernel32

advapi32

oleacc

winmm

shell32

ole32

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 52KB

.lib Size: 512B - Virtual size: 236KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 52KB

.lib
Size: 512B - Virtual size: 236KB