52cb7e312569f28411d88333ed884adb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

52cb7e312569f28411d88333ed884adb_JaffaCakes118
Size

1.2MB
MD5

52cb7e312569f28411d88333ed884adb
SHA1

9a8ae97fdd39eaf4a236f38b0e3183cc38f0c638
SHA256

1a30194b7200dfe958e2f29a7b6d4cd54c6096dde77c02591f0a36531bc5f455
SHA512

b648458a5752c942d4886e357a03c21da578cd41a38910e186d6bf05fca40838dff4c68eb94d4ae4da4bc044e2bd07dbaf73fee5d0ea9d0065d11196fd03dadc
SSDEEP

24576:zinAEAiLCAwedLyKli0UaUe+lBE25HbEpzSZOYUyD71Jg:zyBrd/iZveoPWfZsg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52cb7e312569f28411d88333ed884adb_JaffaCakes118

Files

52cb7e312569f28411d88333ed884adb_JaffaCakes118
.exe windows:6 windows x86 arch:x86

e8aa88135efbcc7243481bb122c9fbe2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetMessageA
GetSubMenu
PostQuitMessage
LoadIconA
LoadStringA
TranslateMessage
IsClipboardFormatAvailable
MapWindowPoints
DestroyWindow
SendMessageA
CharNextA
UpdateWindow
RegisterClassExA
ShowWindow
DialogBoxParamA
CloseClipboard
MessageBoxA
BeginPaint
DefWindowProcA
LoadMenuA
CreateWindowExA
LoadAcceleratorsA
DispatchMessageA

kernel32

OpenMutexA
CreateMutexA
CreateFileA
ExitProcess
SetFilePointer
HeapFree
InterlockedPushEntrySList
HeapDestroy
ConnectNamedPipe
VirtualFree
WaitNamedPipeA
GetLastError
VirtualAlloc
HeapSize
DisconnectNamedPipe
ReleaseMutex
WriteFileGather
HeapCreate
WaitForMultipleObjects
EnterCriticalSection
InterlockedCompareExchange
GetVersionExA
lstrcmpiA
lstrcpyA
HeapAlloc
HeapLock
InitializeCriticalSection
DosDateTimeToFileTime
ReadFile
GetLocalTime
GetCurrentThreadId
CloseHandle
CreateNamedPipeA
InterlockedPopEntrySList

shell32

SHFormatDrive
SHCreateShellFolderViewEx
SHIsFileAvailableOffline
DAD_DragLeave
SHQueryRecycleBinA
SHGetImageList
PathQualify
RegenerateUserEnvironment
SHGetSettings
SHGetNewLinkInfo
SHFree
SignalFileOpen
FreeIconList
DAD_DragEnterEx2
SHFindFiles
SHCreateShellFolderView
WOWShellExecute
OpenRegStream
SHGetRealIDL
SHChangeNotification_Lock
IsNetDrive
SHAddFromPropSheetExtArray
SHPropStgReadMultiple
IsLFNDriveA
SHFind_InitMenuPopup
DuplicateIcon
SHValidateUNC
DriveType
SHGetFolderLocation
ILCloneFirst
SHCloneSpecialIDList
ILFree
ExtractIconExA
SHGetFolderPathAndSubDirA

Sections

.text
Size: 1007KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8aa88135efbcc7243481bb122c9fbe2

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

shell32

Sections

.text Size: 1007KB - Virtual size: 1007KB

.data Size: 158KB - Virtual size: 157KB

.rsrc Size: 16KB - Virtual size: 3.0MB

.text
Size: 1007KB - Virtual size: 1007KB

.data
Size: 158KB - Virtual size: 157KB

.rsrc
Size: 16KB - Virtual size: 3.0MB