53bbb34fbeb4d95bb5575c04ebfdb1c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

53bbb34fbeb4d95bb5575c04ebfdb1c4_JaffaCakes118
Size

328KB
MD5

53bbb34fbeb4d95bb5575c04ebfdb1c4
SHA1

158a6dfc82364ca175c9a427e263bb818b15d558
SHA256

8be0e7d0d1fe0f51b9a0a29fa4e6fb091cd3c21a419863223a2d367d04f374c4
SHA512

85629082042a67da098959d0c6b3576f6a82165877169a3b95c82cc9c56b7aff45ff8ceb032b8514de9849653bd80500373b5d6a4a8171bd8a52f846c894e2bd
SSDEEP

6144:nOLpZJyhzv2qu4IqL5/6+Rql0TiNmY+xtm0Ae5vzxdHVcOuz+PCzTR:EpTSJzL5SiPiNmYneJzxlV3uz+PkTR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53bbb34fbeb4d95bb5575c04ebfdb1c4_JaffaCakes118

Files

53bbb34fbeb4d95bb5575c04ebfdb1c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fbe7144a8e34b980d2843e88121aa305

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteFileA
LoadLibraryA
GetShortPathNameW
GetCPInfoExW
SystemTimeToFileTime
GetPrivateProfileSectionA
GetConsoleTitleA
_lwrite
LocalReAlloc
RemoveDirectoryA
GetDevicePowerState
GetCurrentProcessId
GlobalFindAtomA
BaseFlushAppcompatCache
VirtualAlloc
BuildCommDCBAndTimeoutsA
IsValidLocale
GetEnvironmentStringsA
EnumCalendarInfoExA
ReadConsoleOutputCharacterA
TermsrvAppInstallMode
WriteProcessMemory
AllocateUserPhysicalPages
ReleaseSemaphore
HeapValidate
QueryPerformanceFrequency

imm32

ImmGetRegisterWordStyleA
ImmGetStatusWindowPos
ImmActivateLayout
ImmLockIMC
ImmTranslateMessage
ImmUnregisterWordA
ImmGetGuideLineA
ImmGetOpenStatus
ImmEscapeW
ImmCallImeConsoleIME
ImmSetConversionStatus
ImmGetCandidateListCountA
ImmSetCompositionWindow
ImmDestroySoftKeyboard
ImmGetIMCLockCount
ImmIsUIMessageW
ImmEnumRegisterWordA
ImmGetIMCCSize
ImmFreeLayout
ImmIsIME
ImmCreateSoftKeyboard
ImmGetImeMenuItemsW
ImmGetCompositionFontA
ImmGetVirtualKey
ImmConfigureIMEA

winmm

mmioSetBuffer
mixerOpen
midiInGetErrorTextW
midiOutGetErrorTextA
waveOutGetVolume
waveOutGetErrorTextA
waveInGetID
mixerGetDevCapsW
mixerGetLineControlsW
mciGetDriverData
mciSendStringW
midiInStart
auxGetDevCapsA
waveOutGetNumDevs
waveInClose
mmioRead
waveInGetDevCapsW
mixerGetID
mciExecute
midiDisconnect
tid32Message
midiStreamPause
auxGetDevCapsW

advapi32

LsaRemoveAccountRights
GetInheritanceSourceA
ElfClearEventLogFileA
SystemFunction022
CloseEventLog
GetServiceDisplayNameW
LsaRetrievePrivateData
StartServiceW
GetSecurityDescriptorLength
EnumDependentServicesA
SystemFunction028
OpenThreadToken
A_SHAInit
GetSecurityDescriptorGroup
GetTrusteeNameW
WmiQuerySingleInstanceMultipleA
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptGetDefaultProviderW
BuildTrusteeWithObjectsAndSidA
SetEntriesInAuditListW
RegOpenKeyExW
LsaEnumerateAccountRights
WmiExecuteMethodA

user32

UnregisterDeviceNotification
CascadeChildWindows
SetDebugErrorLevel
GetWindowModuleFileNameW
SetPropW
CopyAcceleratorTableW
EnumPropsExW
ClipCursor
InSendMessage
SendInput
GetNextDlgTabItem
EnumPropsA
PostQuitMessage
IsCharLowerW
GetMessagePos

rtm

RtmReferenceHandles
InsertIntoTable
RtmIsRoute
RtmCreateRouteListEnum
NextMatchInTable
RtmGetExactMatchRoute
CheckTable
RtmDeregisterEntity
RtmReleaseRoutes
MgmDeleteGroupMembershipEntry
RtmDeregisterFromChangeNotification
DestroyTable
RtmGetEnumRoutes
RtmReadInstanceConfig
RtmGetNextRoute
RtmDeleteRouteTable
RtmEnumerateGetNextRoute
RtmGetDestInfo
RtmReleaseNextHops
RtmBlockDeleteRoutes
BestMatchInTable
RtmIgnoreChangedDests

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbe7144a8e34b980d2843e88121aa305

Headers

File Characteristics

Imports

kernel32

imm32

winmm

advapi32

user32

rtm

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 222KB - Virtual size: 221KB

.data Size: 1024B - Virtual size: 367KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 222KB - Virtual size: 221KB

.data
Size: 1024B - Virtual size: 367KB

.rsrc
Size: 18KB - Virtual size: 18KB