Static task
static1
Behavioral task
behavioral1
Sample
52caeaecba351d51243720aac3fe8f1d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
52caeaecba351d51243720aac3fe8f1d_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
52caeaecba351d51243720aac3fe8f1d_JaffaCakes118
Size
92KB
MD5
52caeaecba351d51243720aac3fe8f1d
SHA1
290dd4c0242073e4d3d3aef66053ea7e5a51052e
SHA256
d30f565722867ed80bd4cd6116cd7d1fabf146d807442981fc878f26a9d47f02
SHA512
5c55c46dc39ee44b1b59e98fa8547e7b1e17337ca14c2767479ec2902dadd6126a0f44d0c1c0bd8a7157fa1bcb8b73fee21c8b5c91e989a878434e71f4b675ab
SSDEEP
1536:bdbynrKNGo5OfnAS6vsRudYDhmFnVcOhIh0wtjl2zWisOhic3GmLL:xbynr7AOPAS6rL/c0Ih5pl2zWDO9FX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 52caeaecba351d51243720aac3fe8f1d_JaffaCakes118
Files
52caeaecba351d51243720aac3fe8f1d_JaffaCakes118.exe windows:4 windows x86 arch:x86
c5ab76073739188d3119bbc4e200e690
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetKeyState
GetLastActivePopup
GetWindow
EndDeferWindowPos
GetClassInfoA
GetMenu
GetMenuState
DefMDIChildProcA
GetSubMenu
GetDlgItem
GetSysColorBrush
CharLowerA
SetCursor
EnumThreadWindows
CreatePopupMenu
GetDCEx
GetMenuItemID
CreateWindowExA
MessageBoxA
DrawEdge
GetCursor
CharNextA
GetMenuItemCount
GetForegroundWindow
GetMenuItemInfoA
GetCursorPos
comdlg32
GetFileTitleA
FindTextA
kernel32
GlobalAlloc
GetACP
WriteFile
FindFirstFileA
GetVersionExA
GetThreadLocale
SetLastError
GlobalDeleteAtom
VirtualAlloc
LoadResource
HeapFree
SetFilePointer
VirtualFree
GetLocalTime
GetCurrentThreadId
GetFileAttributesA
GetEnvironmentStrings
lstrcpyA
GetLastError
LocalFree
SetEvent
lstrcatA
GetDateFormatA
lstrlenA
FindResourceA
GetLocaleInfoA
LocalReAlloc
FreeResource
MoveFileExA
FreeLibrary
GetCommandLineA
GetProcAddress
ReadFile
LoadLibraryExA
MoveFileA
CreateFileA
HeapAlloc
EnterCriticalSection
SizeofResource
ExitProcess
GetStringTypeW
GetCurrentProcessId
SetErrorMode
Sections
CODE Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.init Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 571B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ