52c25004de06bc8925ba7482fcd33178_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

52c25004de06bc8925ba7482fcd33178_JaffaCakes118
Size

48KB
MD5

52c25004de06bc8925ba7482fcd33178
SHA1

31aff4340d5f3cd8f40e3f514442efedc9920489
SHA256

ac5a476dd15a1a87816cf1773679e1787b6fa9487c2166043fe0cdc10b536a66
SHA512

fba7788459f119ae200af7d7a86c9a7ab387f6d1ba9d875fac1093259482932a4d2fe30f51c5d3bb32edaa65caf27385682e6df5f7e646f68ae32cbad298fdc5
SSDEEP

768:m4uRiwB94oD18DJ8O+5z5jhJoN3VlzBnV:m7Rf94MWQtroNVlzBnV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c25004de06bc8925ba7482fcd33178_JaffaCakes118

Files

52c25004de06bc8925ba7482fcd33178_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df47fdf0301a249785e20be16b2cb66b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GlobalAlloc
GlobalFree
CopyFileA
lstrcpyA
lstrcatA
CloseHandle
GetCommandLineA
WinExec
GetVersion
VirtualFree
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
GetModuleHandleA
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcmpiA
ExitProcess
GetStartupInfoA

user32

TranslateMessage
DispatchMessageA
LoadCursorA
IsDialogMessageA
GetMessageA
CreateWindowExA
RegisterClassA
SetCursor
CreatePopupMenu
AppendMenuA
GetCursorPos
TrackPopupMenu
DestroyMenu
CreateDialogParamA
GetWindowTextA
EndDialog
DestroyIcon
DefWindowProcA
GetDlgItem
KillTimer
SetWindowTextA
SendMessageA
SetTimer
UpdateWindow
ShowWindow
DialogBoxParamA
wsprintfA
MessageBoxA
PostQuitMessage
LoadImageA
RegisterClassExA
LoadIconA

gdi32

CreateSolidBrush
SetBkColor

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ExtractIconA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA

rasapi32

RasSetEntryPropertiesA
RasHangUpA
RasGetConnectStatusA
RasEnumDevicesA
RasEnumConnectionsA
RasValidateEntryNameA
RasDeleteEntryA
RasDialA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df47fdf0301a249785e20be16b2cb66b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

rasapi32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 8KB