52ec2d9f92aa099e2f974bb8ad2708bf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52ec2d9f92aa099e2f974bb8ad2708bf_JaffaCakes118
Size

195KB
MD5

52ec2d9f92aa099e2f974bb8ad2708bf
SHA1

6442735e3453dfe78ef49c414c557d805a7bc62e
SHA256

671bea8b14dbdd70ad5d548c3b1c8e6bfc51f89b5ae624b90d47d57c29293d85
SHA512

9e81e68a2810592a65a5407fc1809135d4601eb7fd7c21eaaad3fc78b7f25a80cc07b44395dca72148d584dec677d7b75b2be9146b0e2a8e8e15dad289195636
SSDEEP

3072:P9JpOQ8VzUTx5r1kEbd9Y4NURcZJS5wVBUgGlH/33YtM94fzHfziNC:PPMQY+kEbTY4Ne/57lvYtMGfzri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52ec2d9f92aa099e2f974bb8ad2708bf_JaffaCakes118

Files

52ec2d9f92aa099e2f974bb8ad2708bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fb76eff3ec0454916a1ccaebfccb9c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
GetSystemTime
GetFileType
FileTimeToLocalFileTime
SearchPathW
VerLanguageNameW
GetUserDefaultLangID
SetCommConfig
SetEndOfFile
GetVersionExW
EnumResourceNamesW
GetFileAttributesA
GetProfileStringW
GetVolumeInformationW
LocalAlloc
FileTimeToSystemTime
FlushFileBuffers
LockFile
CompareStringW
FindResourceExA
IsDBCSLeadByte
GetFileTime
UnlockFile
FlushFileBuffers
GetSystemDirectoryW

shlwapi

PathIsRootW
PathIsRelativeW
PathCanonicalizeW
PathStripToRootW
PathIsURLW
PathCombineW

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
NdrClientCall
RpcStringFreeA

gdi32

RoundRect
ExtCreatePen
SetStretchBltMode
GetBitmapBits
CreateFontIndirectA
StrokePath
AnimatePalette
PolyBezier
CreatePen
SetTextColor
FlattenPath
GetBkColor
GetPath
PlgBlt
SetDIBits

comdlg32

GetFileTitleA

ole32

ProgIDFromCLSID
RevokeDragDrop
RegisterDragDrop
OleRegGetUserType
OleGetAutoConvert
CoFreeUnusedLibraries
CoTaskMemAlloc
OleDuplicateData
GetHGlobalFromStream
StgOpenStorageOnILockBytes
CLSIDFromString
CoGetClassObject
OleRun
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoGetMalloc
GetHGlobalFromILockBytes
CreateStreamOnHGlobal
CoCreateGuid
CLSIDFromProgID
CoCreateInstance
ReleaseStgMedium
StringFromCLSID
CreateILockBytesOnHGlobal

user32

SetScrollRange
DestroyIcon
SetWindowsHookExW
ToAscii
SetWindowPos
DefWindowProcW
SetClipboardData
IsClipboardFormatAvailable
UnhookWindowsHookEx
GetSysColorBrush
MonitorFromWindow
RegisterClassW
DestroyCursor
WinHelpW
CallNextHookEx
EmptyClipboard
DrawEdge
ClipCursor
ChildWindowFromPoint
GetSysColor

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Destroy

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fb76eff3ec0454916a1ccaebfccb9c5

Headers

File Characteristics

Imports

kernel32

shlwapi

rpcrt4

gdi32

comdlg32

ole32

user32

comctl32

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 352KB