53c6be38e72a68ff7cf9a6d0c3bcd904_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

53c6be38e72a68ff7cf9a6d0c3bcd904_JaffaCakes118
Size

571KB
MD5

53c6be38e72a68ff7cf9a6d0c3bcd904
SHA1

140a19384db19347bae265e59666326363567bc0
SHA256

c6ddecdf376f4ee63f113b14383526742efe34861db5fe112859920d4bd46e5d
SHA512

e25d910296f30d0a039409501d9a846e11c6f191b649d17ab3f0115d5fc7bd8109462c8845c894ac13e952de359dd576e9f5d799db1a38b057b8f867a7da3a1d
SSDEEP

12288:XAXyFmnXR5eznyXjFVl6/fP8KHSpiE1H74m52nV982/Vst:XACFiXRkTmlohHDAb4l9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53c6be38e72a68ff7cf9a6d0c3bcd904_JaffaCakes118

Files

53c6be38e72a68ff7cf9a6d0c3bcd904_JaffaCakes118
.exe windows:5 windows x86 arch:x86

40db957f9696523a830d342879c1c41b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OemToCharW
PostMessageA
LoadAcceleratorsW
GetWindowTextA
GetDlgItem
EndMenu
EndDialog
DrawCaption
DestroyWindow
DestroyCursor
CreatePopupMenu
CreateIcon
RegisterClassA
SendMessageA
SetCursor
ShowCaret
ShowWindow
UpdateWindow
LoadCursorA
CharUpperBuffA

version

VerQueryValueW
VerQueryValueA
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

setupapi

SetupDiEnumDriverInfoW
SetupDiLoadClassIcon
CM_Add_Empty_Log_Conf_Ex
CM_Create_DevNodeW
CM_Disconnect_Machine
CM_Get_DevNode_Status
CM_Get_Device_ID_List_ExA
CM_Get_Hardware_Profile_InfoA
CM_Get_Res_Des_Data_Size
CM_Query_Arbitrator_Free_Size
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceW
CM_Set_HW_Prof_FlagsA
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_Interface_ExW
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInterfaceA
SetupAddInstallSectionToDiskSpaceListW
CM_Request_Eject_PC

comdlg32

PageSetupDlgW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseColorW

kernel32

DeleteTimerQueue
VerLanguageNameW
VerLanguageNameA
SetThreadAffinityMask
SetLastError
SetCriticalSectionSpinCount
SetCommState
SearchPathA
ReadFileEx
PulseEvent
OpenSemaphoreA
MoveFileExA
LocalUnlock
LocalFree
InterlockedIncrement
InitAtomTable
HeapAlloc
GlobalAddAtomW
GetVolumeNameForVolumeMountPointW
GetVolumeInformationW
GetVolumeInformationA
GetVersion
GetTickCount
GetLogicalDriveStringsW
GetFileSize
GetDriveTypeW
GetDefaultCommConfigA
GetCurrentThread
GetComputerNameExW
GetCommandLineA
FoldStringA
ExitProcess
GetProcAddress
GetLongPathNameW
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessW
CancelDeviceWakeupRequest
CallNamedPipeA
BuildCommDCBAndTimeoutsA

ntdll

RtlInitNlsTables
RtlInt64ToUnicodeString
RtlNtStatusToDosError
RtlSystemTimeToLocalTime
RtlValidateHeap
RtlpUnWaitCriticalSection
ZwFreeVirtualMemory
ZwPrivilegeObjectAuditAlarm
ZwQueryEvent
RtlDosPathNameToNtPathName_U
RtlDeleteTimerQueue
RtlDebugPrintTimes
NtWriteFile
NtResumeThread
NtRaiseException
NtQueryVirtualMemory
RtlGetCurrentDirectory_U

winmm

midiOutGetID
midiOutGetVolume
midiOutSetVolume
midiStreamProperty
mixerGetControlDetailsW
mixerGetNumDevs
mixerMessage
mixerSetControlDetails
mmTaskCreate

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 464KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40db957f9696523a830d342879c1c41b

Headers

File Characteristics

Imports

user32

version

setupapi

comdlg32

kernel32

ntdll

winmm

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 464KB - Virtual size: 463KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 464KB - Virtual size: 463KB

.rsrc
Size: 48KB - Virtual size: 47KB