53ddff3ab46af646f5904ce2d961ae08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

53ddff3ab46af646f5904ce2d961ae08_JaffaCakes118
Size

249KB
MD5

53ddff3ab46af646f5904ce2d961ae08
SHA1

26354853f401916f9692537fbfc1e81b1872e131
SHA256

77aa2a8fad7184576606dffa193fd0cb390634156000a90ee907e3c6f8de9836
SHA512

87174aa687179fb6e7b212485d25964fb2933e8763f6b15328f94d7a5f4c85746dd42c224cd496037ce175875e94012d62f9fe55467284f1169ef1d48b787227
SSDEEP

6144:9lLIKUXKcr1K6hzj9oxFs49Rm3hIHiWCTlYgBukquGNBe:nsXaco61Zoxl9cSHi29u3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53ddff3ab46af646f5904ce2d961ae08_JaffaCakes118

Files

53ddff3ab46af646f5904ce2d961ae08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba097fc3db74e9561c7b16c0399210a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
QueryServiceStatus
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueA
SetServiceStatus
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

setupapi

SetupRemoveFromDiskSpaceListA
SetupQueryDrivesInDiskSpaceListA
SetupDestroyDiskSpaceList
SetupCreateDiskSpaceListA
SetupAddToDiskSpaceListA
SetupFindFirstLineA
SetupFindNextLine
SetupInstallServicesFromInfSectionExA
SetupRemoveInstallSectionFromDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListA
SetupQueueCopySectionA
SetupAddInstallSectionToDiskSpaceListA
SetupAddSectionToDiskSpaceListA
SetupQueueDeleteSectionA

kernel32

HeapSize
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
LoadLibraryA
VirtualQuery
InterlockedExchange
InitializeCriticalSection
QueryPerformanceCounter
GetVolumeInformationA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
SizeofResource
CreateEventA
FileTimeToLocalFileTime
GetVersion
GetCommandLineA
GetLocalTime
CreateFileA
RemoveDirectoryA
TlsSetValue
TlsAlloc
SetTapePosition
VirtualProtect
BeginUpdateResourceA
GetSystemInfo
HeapFree
HeapAlloc
GetStartupInfoA
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsGetValue
GetProcAddress
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetLocaleInfoA
RtlUnwind
GetACP
GetOEMCP

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba097fc3db74e9561c7b16c0399210a7

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 68KB - Virtual size: 234KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 68KB - Virtual size: 234KB

.reloc
Size: 9KB - Virtual size: 9KB