Static task: static1
Behavioral task: behavioral1 - Sample: 52f52fa043552c0176ae3fe2cc01f8cf_JaffaCakes118.exe - Resource: win7-20240903-en
Behavioral task: behavioral2 - Sample: 52f52fa043552c0176ae3fe2cc01f8cf_JaffaCakes118.exe - Resource: win10v2004-20241007-en
General
Target: 52f52fa043552c0176ae3fe2cc01f8cf_JaffaCakes118
Size: 278KB
MD5: 52f52fa043552c0176ae3fe2cc01f8cf
SHA1: f0b1ad71527b3ea10280f2bfeba37f9020bffdf2
SHA256: 8de41ebc0a8aaaef253f9af6a417514186a870e29b6287a31273197bb7f660cb
SHA512: 0a10731e588b167e3a95a4bf53ffde10f6ed549eae9ba082a23bce216994b09fb1db7ba5a7fc27779e87d4e8d6a2d10c85f0a994dc172742b855da95fd7575f0
SSDEEP: 6144:UBdqxhKv8h/t62bac+OLVT8QfdaP5PtSq/WaPiZG5h86dobQKn8GJdYRdFpZ:w0hKv8TBbac5VT8Qf2PX/bPiu86dobQH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 52f52fa043552c0176ae3fe2cc01f8cf_JaffaCakes118
Files
52f52fa043552c0176ae3fe2cc01f8cf_JaffaCakes118.exe windows:5 windows x86 arch:x86
4838834bf241d09002f7c8a3ddf2536d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
atl
ord43
ord30
ord44
ord57
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
SelectObject
ole32
CoTaskMemAlloc
CoCreateInstance
kernel32
GetCurrentProcess
VirtualAlloc
InterlockedIncrement
lstrlenW
SetEvent
GetLastError
ReadFile
GetProcAddress
WaitForMultipleObjects
CloseHandle
UnmapViewOfFile
GetStdHandle
CreateEventW
CreateFileW
SetProcessShutdownParameters
MapViewOfFile
GlobalDeleteAtom
GetSystemDirectoryW
ReleaseMutex
SetProcessShutdownParameters
LoadLibraryW
GetModuleHandleA
WaitForMultipleObjectsEx
VirtualFree
GetTickCount
GetCurrentThread
GetTickCount
GetOverlappedResult
GetProcessHeap
CancelWaitableTimer
HeapAlloc
MulDiv
CreateMutexW
EnterCriticalSection
DeleteCriticalSection
user32
PtInRect
UnregisterDeviceNotification
EnumDisplayMonitors
ShowWindow
OpenDesktopW
WindowFromPoint
SetThreadDesktop
GetThreadDesktop
EqualRect
PostMessageW
MonitorFromWindow
ClientToScreen
GetSystemMetrics
CharNextW
DestroyWindow
FillRect
GetDoubleClickTime
PostThreadMessageW
UnhookWindowsHookEx
SendInput
GetDC
advapi32
GetTokenInformation
OpenProcessToken
CopySid
RegOpenKeyExW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryValueExA
hid
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetSpecificValueCaps
setupapi
SetupDiGetClassDevsExW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
msvcrt
_vsnwprintf
malloc
_except_handler3
_controlfp
_cexit
_CxxThrowException
__setusermatherr
_beginthreadex
?terminate@@YAXXZ
??2@YAPAXI@Z
__set_app_type
wcslen
wcstol
fclose
_purecall
_exit
_wcsicmp
_initterm
__p__commode
_adjust_fdiv
exit
Sections
.text Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 556KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ