52fcdc4ac6e3da3ba86d41e08a57dcba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

52fcdc4ac6e3da3ba86d41e08a57dcba_JaffaCakes118
Size

101KB
MD5

52fcdc4ac6e3da3ba86d41e08a57dcba
SHA1

4ae45383d2517a276ad4a97383f311fc9e9775ef
SHA256

c5a33af17a59958762acf6bb6ea132dcf76e9c97aeed7454e8b65df30cf0343e
SHA512

870cf41966269d9576c3a785fab8ce4f15feadeaa72bd7758279d4c982f2c45f00fd7d04f3ebf3a606357574cf95f24e5c0d5f0a583ef3784e7ab596318110ea
SSDEEP

3072:2fw1hh4u7sYGeVQ26m1brBrwElU3NlEKTB:z1hGVYr+WdBEElKlB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52fcdc4ac6e3da3ba86d41e08a57dcba_JaffaCakes118

Files

52fcdc4ac6e3da3ba86d41e08a57dcba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8841af38f097512e3863e0f40997fd9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
??1type_info@@UAE@XZ
vswprintf
wcstoul
wcsrchr
memmove
_initterm
wcscmp
malloc
wcscpy
_adjust_fdiv
wcscat
??3@YAXPAX@Z
_wcsicmp
_wcsupr
__dllonexit
??2@YAPAXI@Z
__RTDynamicCast
_onexit
mbstowcs
?terminate@@YAXXZ
wcsstr
wcschr
_except_handler3
wcslen

kernel32

FileTimeToLocalFileTime
lstrcmpiW
FileTimeToSystemTime
SetUnhandledExceptionFilter
OutputDebugStringA
WideCharToMultiByte
GetLastError
GlobalAlloc
IsBadReadPtr
OutputDebugStringW
GetSystemTimeAsFileTime
lstrcpyW
GetCurrentThread
GetSystemDefaultLangID
GetEnvironmentStringsW
GetCPInfo
FormatMessageW
GetModuleFileNameW
lstrlenW
InitializeCriticalSection
InterlockedDecrement
CloseHandle
GetSystemWindowsDirectoryW
LocalFree
CreateFileW
LoadLibraryW
GetComputerNameW
GetDateFormatW
GetCurrentProcess
InterlockedIncrement
GetTickCount
GetProcAddress
GetModuleHandleA
SetLastError
GlobalLock
GetStartupInfoA
LocalReAlloc
QueryPerformanceCounter
DeleteCriticalSection
GlobalFree
GlobalUnlock

certcli

CAUpdateCertType
CASetCertTypeFlags
CAFindByName
CAGetCertTypeExtensions
CAGetCertTypeProperty
CAEnumCertTypesForCA
CAFreeCAProperty
CAFreeCertTypeProperty
CACloseCertType
CAGetCertTypePropertyEx
CAAddCACertificateType
CAFindCertTypeByName
CAFreeCertTypeExtensions
CAUpdateCA
CASetCertTypeKeySpec
CAGetCertTypeFlags
CAEnumNextCertType
CARemoveCACertificateType
CACloseCA
CACertTypeGetSecurity
CAGetCAProperty
CAEnumCertTypes
CAGetCertTypeKeySpec
CASetCertTypeProperty
CASetCertTypeExtension
CACertTypeSetSecurity
CACreateCertType

user32

GetDC
SendMessageW
WinHelpW
SetDlgItemTextW
RegisterClipboardFormatW
SetFocus
GetDlgItemTextA
LoadCursorW
LoadImageW
SystemParametersInfoW
EnableWindow
LoadStringW
MessageBoxW
DialogBoxParamW
LoadBitmapW
wsprintfW
EndDialog
GetParent
GetDlgItem
InsertMenuItemW
GetWindowLongW
SetWindowLongW
SetWindowTextW
ReleaseDC
SetCursor
LoadIconW
PostMessageW
SendDlgItemMessageW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8841af38f097512e3863e0f40997fd9f

Headers

File Characteristics

Imports

msvcrt

kernel32

certcli

user32

advapi32

comctl32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 68KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 68KB

.rsrc
Size: 23KB - Virtual size: 23KB