5b1bac0b97ea7273e810d0fd53c76be3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b1bac0b97ea7273e810d0fd53c76be3_JaffaCakes118
Size

137KB
MD5

5b1bac0b97ea7273e810d0fd53c76be3
SHA1

929800dcc6f436fea4952dd75572b326c370d403
SHA256

aceedf16b5a8a42b6b8f038b3f28722a5aee3570d65353e8d3f4ec6ae0285480
SHA512

69f6131da9a625926bb17d5362625585a0d025ee3823e95c30cee0623ff0728a88b8820fc2e7d2a472011579acccddb288cb12bd900210c5d365401476ff1d63
SSDEEP

3072:Dpc4sjIlCy1QmWIUJp5BTN4zFCauycJe0K6budopBMS:9BsjIlCjb5BuRCakJe8budo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1bac0b97ea7273e810d0fd53c76be3_JaffaCakes118

Files

5b1bac0b97ea7273e810d0fd53c76be3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf9e19ee5f2c8a29c7fe32da8964c710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
SwitchToThread
GlobalAlloc
EnumResourceTypesA
OutputDebugStringA
RegisterWaitForInputIdle
GetPrivateProfileStringA
lstrcatW
GetFirmwareEnvironmentVariableA
WriteConsoleInputA
SetLocalTime
WriteProfileSectionA
SetFilePointerEx
GetLastError
LoadLibraryA
FreeLibrary
UTRegister
GetNamedPipeHandleStateW
SetWaitableTimer
GetCurrentProcessId
ReplaceFileA
SetConsoleOutputCP
VirtualAlloc
InitAtomTable
GetPrivateProfileStructA
GetProcessId
GlobalFindAtomA
SetLastError

mmcbase

??9SC@mmcerror@@QBE_NJ@Z
??1CEventBuffer@@QAE@XZ
?GetFacility@SC@mmcerror@@ABE?AW4facility_type@12@XZ
??4CEventBuffer@@QAEAAV0@ABV0@@Z
??0?$CEventLock@UAppEvents@@@@QAE@XZ
?Clear@SC@mmcerror@@QAEXXZ
?Throw@SC@mmcerror@@QAEXJ@Z
?FromLastError@SC@mmcerror@@QAEAAV12@XZ
??4SC@mmcerror@@QAEAAV01@ABV01@@Z
?GetHinst@SC@mmcerror@@SGPAUHINSTANCE__@@XZ
??8SC@mmcerror@@QBE_NJ@Z
?SetHWnd@SC@mmcerror@@SGXPAUHWND__@@@Z
??0CMMCStrongReferences@@AAE@XZ
??4CMMCStrongReferences@@QAEAAV0@ABV0@@Z
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
??7SC@mmcerror@@QBEHXZ

wtsapi32

WTSEnumerateServersW
WTSQueryUserConfigW
WTSVirtualChannelRead
WTSDisconnectSession
WTSRegisterSessionNotification
WTSEnumerateServersA
WTSOpenServerW
WTSQuerySessionInformationA
WTSSetSessionInformationW
WTSEnumerateProcessesW
WTSSendMessageA
WTSFreeMemory
WTSEnumerateProcessesA
WTSSetUserConfigW
WTSVirtualChannelClose
WTSQueryUserConfigA
WTSSetUserConfigA
WTSShutdownSystem
WTSUnRegisterSessionNotification
WTSWaitSystemEvent
WTSEnumerateSessionsA
WTSVirtualChannelQuery
WTSVirtualChannelOpen
WTSOpenServerA
WTSVirtualChannelPurgeOutput

user32

GetWindowPlacement
DdeQueryConvInfo
FindWindowW
CopyImage
ValidateRect
SendNotifyMessageA
User32InitializeImmEntryTable
SetInternalWindowPos
CreateIcon
ReleaseCapture
UserLpkTabbedTextOut
CascadeWindows
CloseClipboard
MoveWindow
SetCaretPos
CopyIcon
UpdatePerUserSystemParameters
EnumDisplaySettingsExA
WINNLSEnableIME
DdeQueryStringW
AllowForegroundActivation
SetDeskWallpaper
GetClassInfoExW
TileChildWindows
GetPropA

msacm32

acmDriverID
acmFormatTagEnumA
acmDriverDetailsW
acmStreamSize
acmDriverClose
acmMetrics
acmFormatTagDetailsA
acmFilterChooseA
acmStreamMessage
acmFormatDetailsA
acmDriverRemove
acmDriverEnum
acmFormatTagEnumW
acmFilterDetailsW
acmFormatChooseW
acmDriverPriority
acmStreamUnprepareHeader
acmStreamOpen
acmDriverOpen
acmStreamConvert
acmFilterChooseW
acmFormatTagDetailsW
acmMessage32
acmDriverAddA

rsaenh

CPSetProvParam
CPHashData
CPGetHashParam
CPGetProvParam
CPGenRandom
CPSetKeyParam
CPGetUserKey
CPVerifySignature
CPDuplicateKey
CPEncrypt
CPImportKey
CPDeriveKey
CPGetKeyParam
CPDestroyKey
CPExportKey
CPGenKey
CPSignHash
CPSetHashParam

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf9e19ee5f2c8a29c7fe32da8964c710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mmcbase

wtsapi32

user32

msacm32

rsaenh

Sections

.text Size: 37KB - Virtual size: 36KB

Size: 41KB - Virtual size: 41KB

.data Size: 55KB - Virtual size: 221KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 216B

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 55KB - Virtual size: 221KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 216B