5e3af58d9a2dfffe91741547b7e933a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e3af58d9a2dfffe91741547b7e933a0_JaffaCakes118
Size

571KB
MD5

5e3af58d9a2dfffe91741547b7e933a0
SHA1

bd438613e66e8c77dfc7d25c8a01b7ae73ef7d1b
SHA256

7a1e82c7565ccea68f0b35fd103a72da8f8e0080e2ce7de7bc25217a824f0614
SHA512

403d6ad30146b9b17a743b4a549d78010003168b3420ecf5bb78cac700ec46137e6590cae37619278853182ab96da98827c2a09d9e21921b9b4858500f34b7f8
SSDEEP

12288:amIrW5cHJ4paYrzkxcXirJDx696x6mqew5QEQ5lHU7eT2gbikqDMGu+t:amIq5cH6paYr40EN4cxjGrQ5RHyaPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e3af58d9a2dfffe91741547b7e933a0_JaffaCakes118

Files

5e3af58d9a2dfffe91741547b7e933a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70fdddfb26e2516baa378ec9acb0983f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmTaskCreate
mmTaskBlock
mixerGetLineInfoA
mixerGetLineControlsW
mixerGetID
mixerGetDevCapsA
mixerGetControlDetailsW
mixerGetControlDetailsA
midiStreamPause
midiOutUnprepareHeader
midiOutShortMsg
midiOutPrepareHeader
midiOutOpen
midiOutLongMsg
midiOutGetID

kernel32

SwitchToThread
SetTapeParameters
SetLastError
Process32FirstW
LocalUnlock
IsDebuggerPresent
lstrcpynW
WriteTapemark
WaitForDebugEvent
CreateNamedPipeA
DeleteFileA
DeleteTimerQueueTimer
ExitProcess
ExpandEnvironmentStringsW
FreeLibraryAndExitThread
GetCommandLineA
GetDefaultCommConfigW
GetFileSize
GetLongPathNameW
GetProcAddress
GetTickCount
GetVersion
GetVolumeNameForVolumeMountPointW
GlobalFindAtomW
HeapAlloc
VerLanguageNameA

msi

ord157
ord140
ord132
ord114
ord113
ord97
ord232
ord77
ord71
ord179
ord63
ord44
ord18
ord17

ntdll

RtlUpperString
RtlSubAuthoritySid
NtAllocateVirtualMemory
NtCreateMutant
NtSignalAndWaitForSingleObject
RtlAddAccessDeniedAce
RtlConvertSharedToExclusive
RtlExtendedLargeIntegerDivide
RtlFindClearBits
RtlRealSuccessor
RtlNtStatusToDosError

user32

UnloadKeyboardLayout
UpdateWindow
UnregisterClassA
CharLowerW
CharUpperBuffW
SendMessageCallbackA
SendMessageA
PostMessageA
MapVirtualKeyExW
IsDialogMessageW
EnumPropsExW

version

VerQueryValueW
VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA

comdlg32

GetSaveFileNameW
GetSaveFileNameA
PageSetupDlgW
ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
CommDlgExtendedError
GetOpenFileNameW

setupapi

CM_Free_Resource_Conflict_Handle
CM_Get_Device_IDW
CM_Get_Device_ID_List_ExA
CM_Run_Detection
SetupDiCreateDeviceInterfaceRegKeyW
SetupDiEnumDriverInfoW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
CM_Enumerate_EnumeratorsA

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 465KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70fdddfb26e2516baa378ec9acb0983f

Headers

File Characteristics

Imports

winmm

kernel32

msi

ntdll

user32

version

comdlg32

setupapi

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 465KB - Virtual size: 467KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 465KB - Virtual size: 467KB

.rsrc
Size: 48KB - Virtual size: 47KB