52d828c0ed5f2e2efd3938d1b656ae5b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52d828c0ed5f2e2efd3938d1b656ae5b_JaffaCakes118
Size

163KB
MD5

52d828c0ed5f2e2efd3938d1b656ae5b
SHA1

0a1e83395d653471afd19117ef5ffd9da2b2a3fc
SHA256

5ed8352eab34dce432fdb8b90c4e32d662d2d3d3a2ed1506b4fe241769b2931c
SHA512

c1c1d1acb58ebc202601d40aaca7af5f8a9a81d7f273c5094fba5f2c4148d9b7280ee7374b89d894f18a727a5d3826b15dad79c748d1e840fd0c2795fd7dcfaf
SSDEEP

3072:UyqRjtpog5KC8k1FpKGxbJQaFg8l3i/X+qm7qSSrqtMg7zW:UygtxIaKGJiaFgYdFemW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52d828c0ed5f2e2efd3938d1b656ae5b_JaffaCakes118

Files

52d828c0ed5f2e2efd3938d1b656ae5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

346b85f90cfe16f8e824de525357cabe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDlgButtonChecked
SetDlgItemInt
SetRect
PeekMessageW
SendMessageW
TranslateMessage
GetDlgItem
CheckDlgButton
SetRectEmpty
IsRectEmpty
wsprintfW
MessageBoxW
GetDC
SendDlgItemMessageW
DestroyWindow
DialogBoxParamW
MessageBeep
LoadStringW
EndDialog
EnableWindow
SetDlgItemTextW
ReleaseDC
CharPrevW

kernel32

EnterCriticalSection
lstrcatA
WideCharToMultiByte
lstrcpyA
GlobalReAlloc
lstrlenA
GetDiskFreeSpaceW
LeaveCriticalSection
GetFileSize
ResetEvent
GetCurrentProcessId
QueryPerformanceCounter
GetLastError
GetOverlappedResult
LoadLibraryW
lstrcpyW
lstrcmpW
DeleteCriticalSection
CloseHandle
GlobalSize
IsBadReadPtr
GetACP
CreateFileW
GetTickCount
LocalFree
MultiByteToWideChar
lstrcpynW
GlobalAlloc
ReadFile
GetModuleHandleA
GlobalUnlock
GetFullPathNameW
MulDiv
GetSystemTimeAsFileTime
SetErrorMode
GlobalFree
WriteFile
LocalAlloc
SetUnhandledExceptionFilter
InitializeCriticalSection

msvcrt

??3@YAXPAX@Z
__getmainargs
_adjust_fdiv
atoi
__set_app_type
_purecall
_vsnwprintf
??2@YAPAXI@Z
malloc
_ftol
mbstowcs
__p__commode
memmove
_initterm
free
exit

ole32

OleFlushClipboard
OleInitialize
CoCreateInstance
CoGetMarshalSizeMax
OleUninitialize
ReleaseStgMedium
OleGetClipboard
CoGetMalloc
OleSetClipboard
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface

winmm

mmioClose
mmioOpenW
mmioRead
mmioSeek
mmioWrite

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
RegOpenKeyA
RegQueryValueExA

msvfw32

ICDecompress
ICCompress
ICCompressorFree
ICClose
ICOpen
ICGetDisplayFormat
ICSendMessage
ICCompressorChoose
ICGetInfo

msacm32

acmGetVersion
acmStreamPrepareHeader
acmMetrics
acmStreamUnprepareHeader
acmFormatTagDetailsW
acmFormatChooseW
acmStreamSize
acmStreamClose
acmFormatDetailsW
acmStreamConvert
acmStreamOpen
acmFormatSuggest

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

346b85f90cfe16f8e824de525357cabe

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

ole32

winmm

advapi32

msvfw32

msacm32

Sections

.text Size: 99KB - Virtual size: 98KB

.idata Size: 40KB - Virtual size: 39KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 99KB - Virtual size: 98KB

.idata
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 23KB - Virtual size: 23KB