52bc7da9160c77c6ca0a4f7724d6c9c4_JaffaCakes118

General

Target

52bc7da9160c77c6ca0a4f7724d6c9c4_JaffaCakes118
Size

179KB
MD5

52bc7da9160c77c6ca0a4f7724d6c9c4
SHA1

e1ff63c82452754c07f5ee5a81057e10f114f17b
SHA256

67052c7cda89e06af770a41e51619ab092760d05f2bc95679cb54ef275a0623b
SHA512

a4574feb2be2f459960ebf8d6e45c176bbfef62fa130059c3409d5b23af668e5384504d3e10ec526607c962d97ae1844ccea51a8d64dd04fad9c2c47138c8814
SSDEEP

3072:7w8JzVHF12ZUjoovuOu7N+NJpF2k7wun673zJZrkPykPGmmmFtktAmmRir:TJzH77uOu8jxk9rznCRTmmMr0ir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52bc7da9160c77c6ca0a4f7724d6c9c4_JaffaCakes118

Files

52bc7da9160c77c6ca0a4f7724d6c9c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a44df316d2a85e0fed2c74b7aeb93f3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHFileOperationA
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemFree

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetExitCodeProcess
ReadFile
MulDiv
FlushInstructionCache
LoadLibraryExA
WaitForSingleObject
GetWindowsDirectoryA
WritePrivateProfileStringA
GetModuleHandleA
MultiByteToWideChar
EnumResourceNamesW
FindFirstFileA
FreeLibrary
WriteFile
SetupComm
FindNextFileA
GetPrivateProfileStringA
GlobalAlloc
DeleteFileA
SetFilePointer
GetProcAddress
FindClose
GlobalFree

rpcrt4

NdrComplexArrayFree
UuidCreate

advapi32

RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a44df316d2a85e0fed2c74b7aeb93f3f

Headers

File Characteristics

Imports

shell32

ole32

version

kernel32

rpcrt4

advapi32

comctl32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 66KB

.reloc Size: 1024B - Virtual size: 116KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 66KB

.reloc
Size: 1024B - Virtual size: 116KB