52f57a72299a73ad6e3df7d44cba6f6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

52f57a72299a73ad6e3df7d44cba6f6f_JaffaCakes118
Size

564KB
MD5

52f57a72299a73ad6e3df7d44cba6f6f
SHA1

eaabcc801cf2bc7d05f91727849c604790ab7bde
SHA256

79ad704de8faba647f6a37d6e6b3e8b89b7c8219dc2405ef5373323f36aec15b
SHA512

dbe1bcb6916a480a8fffb1ad9e9dd2559338d7f6b97f0159bced5fdf3992ec4b28a29f84d832e8e7df4a48c43a0e25b0e828b115eaa8444d4eefc470b6ba6ad8
SSDEEP

12288:LjQrWLhfDEYhIs4W93QgXAy8fZikWjwstJ6MCj3PAzmpVGLx:LjQrWFfDEcP3DATfZvstJ6PYzmpVGLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52f57a72299a73ad6e3df7d44cba6f6f_JaffaCakes118

Files

52f57a72299a73ad6e3df7d44cba6f6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

071d7a24f50c5009b895850575c1d502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize

kernel32

GetStringTypeA
VirtualAlloc
FindResourceA
Sleep
VirtualFree
UnmapViewOfFile
GetModuleHandleW
GetACP
lstrcpynA
ReadFile
SetFilePointer
TlsFree
RaiseException
InterlockedCompareExchange
GetCommandLineA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
InterlockedIncrement
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetProcAddress
FindFirstFileA
GetProcessHeap
GlobalLock
SetErrorMode
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
GetOEMCP
HeapFree
GetVersion
SetEndOfFile
TerminateProcess
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
ExitProcess
GetModuleFileNameW
InitializeCriticalSection
SetLastError
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
SetEvent
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetCPInfo
CreateFileA
GetLocaleInfoA
GetCurrentProcess
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
HeapAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
GetCurrentThreadId
TlsAlloc
GetLastError
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
WriteFile
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
LCMapStringW

user32

PostQuitMessage
PeekMessageA
InvalidateRect
GetSysColor
MessageBoxA
EndDialog
SetForegroundWindow
GetDesktopWindow
LoadIconA
LoadCursorA
GetSubMenu
SetWindowLongA
GetWindowRect
DefWindowProcA
SetFocus
GetWindowLongA
EnableMenuItem
LoadStringA
GetWindow
EnableWindow
ShowWindow

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

cwqgse
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

iyiyocq
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qemcgo
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

071d7a24f50c5009b895850575c1d502

Headers

File Characteristics

Imports

ole32

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 30KB

cwqgse Size: 468KB - Virtual size: 465KB

iyiyocq Size: 24KB - Virtual size: 23KB

qemcgo Size: 36KB - Virtual size: 32KB

.text
Size: 32KB - Virtual size: 30KB

cwqgse
Size: 468KB - Virtual size: 465KB

iyiyocq
Size: 24KB - Virtual size: 23KB

qemcgo
Size: 36KB - Virtual size: 32KB