52e7c66608bd09d775f58c372de663e8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52e7c66608bd09d775f58c372de663e8_JaffaCakes118
Size

252KB
MD5

52e7c66608bd09d775f58c372de663e8
SHA1

75b3978eb11f458d7e0fa679ebd75bc61679d748
SHA256

dd2f4fb67aaa8a51f9615c03f8caa6f6047d80b2f00b934ee2d6258a28fdaf1c
SHA512

1f1474a8f37824f73e317722861177955aae27ad8dfe09bd1e0ba2f4459f83f27fa467019835631f2215ad5c627de2b80914d1e2de40bf92f178f46976895f41
SSDEEP

6144:0fO5KbMRjQD9yet0jbPYIk3yw63XE6+E9OI8N:06KVD9RtOVk3ywA33+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e7c66608bd09d775f58c372de663e8_JaffaCakes118

Files

52e7c66608bd09d775f58c372de663e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5f82713a94e1b6f1a3e643323a556bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
SetVolumeLabelA
EnumResourceNamesA
SuspendThread
GetVersion
CreateDirectoryW
LoadLibraryExA
GlobalFindAtomA
GlobalFindAtomW
ReadConsoleOutputA
GlobalAddAtomW
MoveFileExA
CompareStringA
GetThreadPriority
DeleteCriticalSection
LocalFileTimeToFileTime
GlobalUnlock
SetEnvironmentVariableW
RaiseException
GetOverlappedResult
GetComputerNameW
GlobalReAlloc
GetThreadContext
SetThreadLocale
SetProcessShutdownParameters
MultiByteToWideChar
GetFileInformationByHandle
GetFullPathNameA
GetEnvironmentVariableW
ExitThread
GetWindowsDirectoryA
SetProcessAffinityMask
GetProfileStringA
SetSystemTime
SetCommMask
lstrcpyA
EnumSystemCodePagesA
SearchPathW
WriteFile
GetDriveTypeA
GetPrivateProfileSectionW
VirtualFree
GetLogicalDriveStringsA
ExitProcess
ReadFileScatter
SetHandleCount
WaitNamedPipeA
OpenSemaphoreW
InitializeCriticalSection
SetStdHandle
CreateMutexW
GetPrivateProfileStringA
LoadResource
SetConsoleWindowInfo
GetProfileIntA
SetThreadAffinityMask
FatalAppExitA
IsBadReadPtr
LocalSize
PrepareTape
EnumResourceLanguagesW
SetupComm
GetVersionExA
GetCommandLineA
FileTimeToLocalFileTime
_hread
ScrollConsoleScreenBufferA
lstrcmpA
GetModuleFileNameW
SetEnvironmentVariableA
AreFileApisANSI
CreateDirectoryExA
CreateMutexA
lstrcmpiW
VirtualAlloc
VirtualQueryEx
WriteConsoleOutputW
SetConsoleTitleA
CreateIoCompletionPort
OutputDebugStringW
SetConsoleMode
ReadConsoleInputW
RemoveDirectoryA
EnumSystemCodePagesW
ConnectNamedPipe
EnumDateFormatsW
ReleaseSemaphore
TlsGetValue
FindResourceExW
WritePrivateProfileStringA

user32

MessageBoxExA
CloseWindowStation
ToUnicode
LoadStringW
DeferWindowPos
CharNextA
CreateIcon
SetClassLongW
GetSysColorBrush
EnableMenuItem
CopyAcceleratorTableA
GetPropA
ChangeMenuW
GetClipCursor
PostMessageA
BeginDeferWindowPos
DialogBoxIndirectParamW
GetMessageTime
CopyRect
CreateDesktopA
GetCaretPos
GetScrollRange
CloseClipboard
TranslateAcceleratorA
GetClassInfoA
GetWindow
CallWindowProcW
PeekMessageA
GetWindowLongA
WindowFromPoint
InsertMenuItemW
OpenClipboard
ShowOwnedPopups
EnableScrollBar
SetWindowPlacement
EnumThreadWindows
DrawTextA
SetMenu
GetWindowLongW
GetTitleBarInfo
OpenDesktopW
EnumDisplaySettingsExW
EnumDisplayMonitors
EnumDisplaySettingsA
GetClassLongA
GetNextDlgTabItem
DefWindowProcA
ScrollWindowEx
GetFocus
GetClipboardOwner
LoadImageA
FrameRect
MapVirtualKeyA
GetScrollInfo
UpdateWindow
GetCursorPos
UnhookWindowsHook
DrawTextExW

gdi32

GetBrushOrgEx
CloseFigure
SetAbortProc
GetTextAlign
Ellipse
LPtoDP
RemoveFontResourceW
SetGraphicsMode
CreateFontA
GetCharWidthA
CreateDIBPatternBrushPt
PolyPolyline
CreateRectRgnIndirect
CreateFontIndirectW
ExtTextOutA
StretchDIBits
CreateCompatibleDC
GetObjectA
CreatePalette

comdlg32

ChooseColorA
GetFileTitleA

advapi32

MapGenericMask
CreateProcessAsUserW
GetTokenInformation

ole32

CoFreeAllLibraries
CreateStreamOnHGlobal

oleaut32

SysStringLen
SafeArrayUnaccessData
LoadTypeLibEx
QueryPathOfRegTypeLi
SysAllocStringLen

comctl32

DestroyPropertySheetPage

shlwapi

ChrCmpIW
StrCmpLogicalW
UrlCombineW
SHGetValueA
SHSetValueW
StrChrIA
StrCatBuffA
PathFindExtensionA
StrStrIA
StrTrimW
SHEnumValueW
PathGetCharTypeA
PathAddExtensionW
PathRenameExtensionW
PathCompactPathW
HashData

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5f82713a94e1b6f1a3e643323a556bd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 229KB