52dbc66f8b29672dbc596c051056c176_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

52dbc66f8b29672dbc596c051056c176_JaffaCakes118
Size

226KB
MD5

52dbc66f8b29672dbc596c051056c176
SHA1

48ba1a0758fe9029852745d2d4b61e3ce63c5603
SHA256

558d0152d0b057c95dc1eb18648e8e3189edf3d05770601c847c9a27c9779beb
SHA512

3f39d36f3bf3449b518900a17b3841239780b1db547ab822b987ca92fdd10bf819a6e13d3bb877c762fc7566b883068cb381a94c003c365480cefa96384d747e
SSDEEP

6144:scP9HTIijwMMzoKIfMgpsysX8GPhslmvs:scFH0/CfMYsr8JMvs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52dbc66f8b29672dbc596c051056c176_JaffaCakes118

Files

52dbc66f8b29672dbc596c051056c176_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b71ce765327105bb856f5807ec049b53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
FindNextFileW
GetProcessHeap
GetFileTime
GetStdHandle
DeleteFileA
GetBinaryTypeA
FindFirstFileW
CreateDirectoryA
FindNextFileA
GetFileSize
GetConsoleCP
GetConsoleMode
GetExitCodeProcess
OpenFile
GetLastError
GetVersion
GetLastError
GetBinaryTypeA
GlobalFree
GetCommandLineA
GetFileTime
GetLastError
FreeConsole
FindNextFileA
GetVersion
GetLastError
GetComputerNameW
GetOEMCP
DeleteFileA
GetCommandLineA
GetLastError
GetCommandLineA
FindFirstFileW
FindNextFileA
OpenFile
GetLastError
FreeConsole
GetExitCodeProcess
GetOEMCP
DeleteFileW
GetProcessHeap
GetBinaryTypeW
GetBinaryTypeA
GlobalFree

advapi32

RegOpenKeyA
RegQueryValueA
RegReplaceKeyW
RegFlushKey
RegDeleteValueA
RegDeleteValueW
RegDeleteKeyA
RegOpenKeyW
RegQueryValueExW
RegDeleteKeyW
RegGetKeySecurity
RegCreateKeyExW
RegQueryInfoKeyW
RegLoadKeyA
RegQueryValueW
RegEnumValueW
RegQueryValueExA
RegCreateKeyExA
RegLoadKeyA
RegEnumKeyExW
RegDeleteValueA
RegOpenKeyW
RegEnumValueA
RegOpenKeyExA
RegReplaceKeyA
RegEnumKeyExA
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegDeleteKeyA
RegGetKeySecurity
RegCreateKeyW

user32

DrawIconEx
CalcMenuBar
GetWindowTextA
DrawTextW
CopyImage
AppendMenuW
DialogBoxParamA
CreateIcon
DrawIcon
GetFocus
DrawTextA
BlockInput
IsMenu
GetWindowTextLengthA
DialogBoxParamW
CreateIcon
AppendMenuW
EndDialog
GetDC
CalcMenuBar
CopyIcon
GetMenu
InsertMenuA
CopyImage
CopyRect
DrawTextA
IsWindow
GetCursor
GetWindowTextA
AppendMenuA
DrawIconEx
IsMenu
BlockInput

Sections

.itext
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 181KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b71ce765327105bb856f5807ec049b53

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.itext Size: 29KB - Virtual size: 28KB

.rdata Size: 10KB - Virtual size: 10KB

.init Size: 181KB - Virtual size: 501KB

.idata Size: 4KB - Virtual size: 4KB

.itext
Size: 29KB - Virtual size: 28KB

.rdata
Size: 10KB - Virtual size: 10KB

.init
Size: 181KB - Virtual size: 501KB

.idata
Size: 4KB - Virtual size: 4KB