52ac517eeba421bb96057c7d3964f423_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

52ac517eeba421bb96057c7d3964f423_JaffaCakes118
Size

275KB
MD5

52ac517eeba421bb96057c7d3964f423
SHA1

3e0cd7f45038e64bd00e79e9aa3097512a9b6cda
SHA256

c5e06aea985895c41813c78a11a9c2acdff0c085d08c0b2e4beb777e59afe513
SHA512

91c8279491b5589b167350b239a463a531194b8e7370a837b06c4b2b90b773c166d0a49525631de9d1d2530597308cefc732cd91d41c0fa1ca96d8530eb587c4
SSDEEP

6144:z7IT5y+YaxjvnrV6CEO7n0Q7+b5gTiHm:z+85eEO7n0Q70gI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52ac517eeba421bb96057c7d3964f423_JaffaCakes118

Files

52ac517eeba421bb96057c7d3964f423_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa1d7bb017d939efafb469b2eed308c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
DeleteFileA
GetFileSize
GetConsoleOutputCP
GetLastError
GetOEMCP
ExitThread
GlobalFree
DeleteFileW
CreateDirectoryA
FindAtomA
GetConsoleMode
GetFileTime
GetCommandLineA
GetCurrentProcess
GetCommandLineA
GetLastError
GlobalFree
Sleep
GetStdHandle
DeleteFileA
OpenFile
GetCurrentThreadId
DeleteFileW
ExitProcess
GetCurrentProcess
GetConsoleMode
ExitThread
CopyFileW
GetOEMCP
GetFileTime
Sleep
GetCPInfo
DeleteFileW
GetUserDefaultLangID
ExitProcess
GlobalFree
GetFileSize
OpenFile
DeleteFileA
CreateDirectoryA
GetComputerNameA
GetCurrentThreadId
GetConsoleOutputCP
FindFirstFileA
CreateProcessA
GetComputerNameA
GetCurrentProcessId
CopyFileW
GetStdHandle
GetConsoleOutputCP
GetFileSize
DeleteFileW
GetCurrentThreadId
GetLastError
Sleep
GetCurrentThread
DeleteAtom
GetUserDefaultLangID
DeleteFileA
FindAtomA
ExitProcess
GetCPInfo
FindFirstFileA
FindAtomA
ExitThread
GetCurrentThreadId
GetOEMCP
GlobalFree
CreateThread
GetConsoleMode
ExitProcess
GetStdHandle
GetCurrentProcessId
DeleteAtom
GetUserDefaultLangID
GetCurrentThread
GetCurrentProcess
CreateDirectoryA
GetConsoleOutputCP
CreateDirectoryA
GetOEMCP
GetComputerNameA
GetConsoleOutputCP
GetCurrentThread
GlobalFree
OpenFile
GetCurrentProcess
DeleteAtom
Sleep
GetCPInfo
GetCommandLineA
GetStdHandle
DeleteFileW
GetFileSize
DeleteFileA
CreateProcessA
GetCurrentProcessId
GlobalFree
OpenFile
GetCurrentThread
GetFileSize
ExitThread
CreateDirectoryA
GetCurrentProcess
DeleteAtom
GetStdHandle
CreateProcessA
CopyFileW
GetOEMCP
Sleep
GetConsoleOutputCP
GetConsoleMode
GetFileSize
DeleteAtom
GetUserDefaultLangID
Sleep
ExitProcess
GetOEMCP
GetLastError
GetCurrentThread
GetCPInfo
DeleteFileW
GetCurrentThreadId
GetCommandLineA
GlobalFree
GetConsoleOutputCP
CreateThread
FindAtomA
CopyFileW

advapi32

RegLoadKeyA
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyA
RegDeleteValueA
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumValueA
RegOpenKeyA
RegCreateKeyW

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 227KB - Virtual size: 527KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa1d7bb017d939efafb469b2eed308c4

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 29KB - Virtual size: 29KB

.edata Size: 5KB - Virtual size: 4KB

.init Size: 227KB - Virtual size: 527KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 29KB - Virtual size: 29KB

.edata
Size: 5KB - Virtual size: 4KB

.init
Size: 227KB - Virtual size: 527KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB