52e2c23e27a3c78272cac5c574f993ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52e2c23e27a3c78272cac5c574f993ad_JaffaCakes118
Size

236KB
MD5

52e2c23e27a3c78272cac5c574f993ad
SHA1

e7ae4b43659df5e4c685ad9c28d9670666b49d75
SHA256

05a98000282553c66774c0e87641c10c46d308e78579ece74872a4b5ca4b7fc1
SHA512

5bd6fe9695909bd2c670a4a9c6104dade5ec594e205670c01bdfeffc5cc8016f275cec168f79bb6b87ab6effca9616590330b00934da2de88943216b2dfe4a05
SSDEEP

6144:6XFlAP/a+ujP3hM9H1Z7viVZ7sImGSWl5KM:6bAqD29s73N5KM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e2c23e27a3c78272cac5c574f993ad_JaffaCakes118

Files

52e2c23e27a3c78272cac5c574f993ad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

eb6a7cd81786182d3fb3598e140c7c31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_DrawEx

user32

DrawMenuBar
BeginPaint
UnregisterClassA
GetMenuStringA
GetSystemMetrics
GetKeyboardLayoutList
MsgWaitForMultipleObjects
DestroyIcon
GetActiveWindow
ChildWindowFromPoint
SetScrollInfo
MapWindowPoints
SetWindowPos
AdjustWindowRectEx
GetScrollPos
GetMenuState
CallNextHookEx
GetForegroundWindow
UnhookWindowsHookEx
DefWindowProcA
DefMDIChildProcA
GetKeyboardLayout
GetPropA
SetWindowLongA
SetWindowsHookExA
FindWindowA

kernel32

lstrlenA
GetProcAddress
IsBadReadPtr
GetModuleHandleA
ExitProcess
GetCommandLineA
ExitThread
VirtualAlloc
lstrlenW
GetCommandLineW
LoadLibraryExA
GetACP

ole32

PropVariantClear
ReleaseStgMedium
CoCreateFreeThreadedMarshaler
CoRegisterClassObject
OleRun
GetHGlobalFromStream

version

VerInstallFileA
VerFindFileA

msvcrt

atan
rand
clock
pow
strlen
time

comdlg32

GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
FindTextA

shell32

SHGetFolderPathA
SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHGetDesktopFolder

advapi32

RegOpenKeyA
RegLoadKeyA
GetLengthSid

Sections

CODE
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb6a7cd81786182d3fb3598e140c7c31

Headers

File Characteristics

Imports

comctl32

user32

kernel32

ole32

version

msvcrt

comdlg32

shell32

advapi32

Sections

CODE Size: 44KB - Virtual size: 41KB

.rdata Size: 172KB - Virtual size: 337KB

.data Size: 4KB - Virtual size: 774B

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 732B

CODE
Size: 44KB - Virtual size: 41KB

.rdata
Size: 172KB - Virtual size: 337KB

.data
Size: 4KB - Virtual size: 774B

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 732B