53c7103e59712c6d5355761d1f6ee390_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

53c7103e59712c6d5355761d1f6ee390_JaffaCakes118
Size

132KB
MD5

53c7103e59712c6d5355761d1f6ee390
SHA1

9e1c8a98f64c0443ce42fa689462eaa5cbe08493
SHA256

baf9d8a088eba97cc24a80d7231b97cff0d6fe928ab3f6aa7c10b679a78fd0d7
SHA512

f4efc4da01e43653e9c83a08888d5ad3bcce9da640e34265495773509c07e5061b1e824f980e5dcba8dbb4418193543b013565a9cb755a45400f0401b243e61a
SSDEEP

1536:L6eebt6qq2YBpy8kE5i6kOcXSZo4KWmnhsrJ2lMMgdvyR9f8q+pRPbBf:LObsqfDlQk/Xko4D59yR92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53c7103e59712c6d5355761d1f6ee390_JaffaCakes118

Files

53c7103e59712c6d5355761d1f6ee390_JaffaCakes118
.dll windows:4 windows x86 arch:x86

209d481369c459b98e03cee21f6a3703

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GlobalHandle
LocalFree
LocalAlloc
HeapAlloc
CompareStringW
GetLocalTime
GlobalMemoryStatus
GetDiskFreeSpaceA
WideCharToMultiByte
SetFilePointer
ReadFile
GetFileSize
GlobalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
FileTimeToSystemTime
WaitForMultipleObjects
GetTickCount
GetSystemTimeAsFileTime
HeapFree
CreateFileW
WriteFile
GetTempFileNameW
GetTempPathW
RaiseException
SetEvent
ResetEvent
WaitForSingleObject
FindResourceW
LoadResource
SizeofResource
SearchPathW
FreeLibrary
GetModuleFileNameW
lstrcpynW
CloseHandle
CreateEventW
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrcpyW
lstrlenW
MultiByteToWideChar
VirtualQuery
VirtualAlloc
VirtualProtect
GlobalLock
GlobalAlloc
GetModuleHandleW
GetVersionExA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
ExitThread
IsBadReadPtr
OpenSemaphoreW
GetCurrentProcessId
OutputDebugStringA
GetModuleFileNameA
OutputDebugStringW
GetConsoleWindow
GetCurrentProcess
SetLastError
VerifyVersionInfoW
GetVolumeNameForVolumeMountPointW
UnregisterWaitEx
GlobalUnlock
FreeLibraryAndExitThread
Sleep
GetSystemDirectoryW
QueryPerformanceFrequency
GetSystemPowerStatus
GetEnvironmentStringsW
GetWindowsDirectoryW
InterlockedExchange
GetProcAddress
LoadLibraryA

advapi32

RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExA
RegDeleteKeyW
RegQueryValueExW
LookupPrivilegeValueW
RegCloseKey
RegDeleteValueW
OpenProcessToken
RegSetValueExW

shell32

ShellExecuteW

ole32

CoInitializeEx
CLSIDFromString
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2

msvcrt

wcslen
wcspbrk
wcscpy
free
wcscmp
wcsncat
malloc
realloc
memset
wcsncpy
wcsncmp
wcsrchr

shlwapi

PathAppendW
StrCatBuffW
PathFindFileNameW
PathFindExtensionW

powrprof

WriteGlobalPwrPolicy
ReadGlobalPwrPolicy
GetActivePwrScheme
EnumPwrSchemes

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiDeleteDeviceInfo

Exports

Exports

LinesFile
SectionDirectoryNameButIs
SectionTheIsAnOf
SignificantAlwaysSectionPreserved
SingleFileIs
SyntaxAAre
ValueA
ValueFirstTheA

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

209d481369c459b98e03cee21f6a3703

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

msvcrt

shlwapi

powrprof

setupapi

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 191KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 191KB

.reloc
Size: 4KB - Virtual size: 1KB