52e5b4bd12fe5fc8d87f78632b2746d6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52e5b4bd12fe5fc8d87f78632b2746d6_JaffaCakes118
Size

1.2MB
MD5

52e5b4bd12fe5fc8d87f78632b2746d6
SHA1

46a8f5ed4794696f9c9a820d0e74f2ab5c6ccd92
SHA256

c00d4aa34ab7f5bc9e1354b32eafc3f77f146d7915cea5897aad966eb0b68cf1
SHA512

3d297aa210190d16a7b2c2d0001bb7c3cbbe0494eeb73a10481e0f3b591aef3312ce1c23d2d79b819c30c93e23340e23e7705d55679ce460948982d3bc603bd2
SSDEEP

24576:wiUC5ES9ATaNYYrBtjr1vig/m0uGyeqEF/lnGfYrck:zUCyylvn5mdWck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e5b4bd12fe5fc8d87f78632b2746d6_JaffaCakes118

Files

52e5b4bd12fe5fc8d87f78632b2746d6_JaffaCakes118
.exe windows:7 windows x86 arch:x86

f2efed9f484ced4c18ddd15bbbf6f7a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_ReplaceIcon

gdi32

Polygon
BitBlt

msvcrt

memmove
_initterm
_tzset
fseek
_adjust_fdiv
wcsstr
wcsrchr
_open_osfhandle
mktime
__p__fmode
localtime
_wfopen
_snwprintf
_wcmdln
_wcsupr
_cexit
_mbscpy
fclose
__setusermatherr
free
wcspbrk
__set_app_type
_except_handler3
_wcsdup
wprintf

ole32

CLSIDFromString
CoInitializeEx

advapi32

AddAccessAllowedAce
ControlService
CloseServiceHandle
QueryServiceStatus
RegFlushKey
RegQueryValueExA

user32

GetDesktopWindow
DeleteMenu
ShowWindow
InflateRect
UnhookWindowsHookEx
GetMenuItemID
GetMenu
RegisterClassExA
DefWindowProcA
DispatchMessageA
SetTimer
KillTimer
GetMessageA
CreateIconFromResource
UpdateWindow
GetAsyncKeyState
BringWindowToTop
SendMessageA
TranslateMessage
ChildWindowFromPoint
DestroyWindow
GetSubMenu
DestroyIcon
CreateWindowExA

mpr

WNetCloseEnum

setupapi

SetupFindNextLine

shell32

SHGetMalloc

ntdll

isdigit
wcstoul

netapi32

NetShareEnum
NetServerEnum
NetApiBufferFree
NetApiBufferSize

syssetup

AsrRestorePlugPlayRegistryData

kernel32

SetTapeParameters
ReleaseMutex
TerminateThread
EnterCriticalSection
GetModuleHandleA
BackupSeek
GetVersion
Sleep
GetProcessHeap
TerminateProcess
SetErrorMode
CloseHandle
GetFileInformationByHandle
GetCurrentProcessId
FreeLibrary
OpenMutexA
HeapQueryInformation
HeapFree
LoadLibraryA
DeviceIoControl
VirtualAlloc
GetTimeZoneInformation
CreateMutexA
GetLastError
SetFileTime
GetExitCodeThread
WriteTapemark
GetTapeStatus
WideCharToMultiByte
BackupWrite

Sections

.text
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 438KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2efed9f484ced4c18ddd15bbbf6f7a0

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdi32

msvcrt

ole32

advapi32

user32

mpr

setupapi

shell32

ntdll

netapi32

syssetup

kernel32

Sections

.text Size: 663KB - Virtual size: 663KB

.data Size: 438KB - Virtual size: 438KB

.rsrc Size: 83KB - Virtual size: 3.2MB

.text
Size: 663KB - Virtual size: 663KB

.data
Size: 438KB - Virtual size: 438KB

.rsrc
Size: 83KB - Virtual size: 3.2MB