686225b839fcc6dc42f69cd5e7d036f8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

686225b839fcc6dc42f69cd5e7d036f8_JaffaCakes118
Size

129KB
MD5

686225b839fcc6dc42f69cd5e7d036f8
SHA1

514741877679a90b1830d50758faf97a77ea07eb
SHA256

40ebb2a699efa42bfea37224cd06e965f241159eb8e3624469f9bf26bf22a25a
SHA512

85df110e24c6d09f5db1b0198d6654eec9e924adcb797f485124c302d3c93573cddb309ba6d050aedf4d75ab93ac1c1020123a65cf86c56c09ebd078ef8309b5
SSDEEP

1536:lHqfXori9RQu4JMHC1VwFQZYIa9TrlUPJDNwJNajKfRVtDXiqui+8m:kPMomZYZlUZN2aOfRVtDiqui+8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
686225b839fcc6dc42f69cd5e7d036f8_JaffaCakes118

Files

686225b839fcc6dc42f69cd5e7d036f8_JaffaCakes118
.exe windows:6 windows x86 arch:x86

842a84547254f9b8db1bf9f5bcf77fca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\bwa\appleusbdevicemuxwin_service-33\srcroot\usbmuxd_win\release\AppleMobileDeviceService.pdb

Imports

wsock32

listen
WSACleanup
bind
socket
ioctlsocket
select
send
recv
WSAStartup
ntohl
htonl
closesocket
WSAGetLastError
htons
ntohs
shutdown
setsockopt

ws2_32

WSAResetEvent
WSACloseEvent
WSASetEvent
WSAEnumNetworkEvents
WSAAccept
WSAEventSelect
WSAWaitForMultipleEvents
WSACreateEvent
WSAIoctl

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

kernel32

ReadFile
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
GetCurrentThreadId
CloseHandle
EnterCriticalSection
CreateEventA
GetCurrentProcessId
GetLocalTime
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
GetLastError
SignalObjectAndWait
SetEvent
FormatMessageA
LocalFree
GetFullPathNameA
GetOverlappedResult
CreateFileA
ResetEvent
DeviceIoControl
CancelIo
GetProcAddress
GetModuleHandleA
ExitProcess
HeapFree
ExitThread
CreateThread
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetModuleFileNameA
LoadLibraryA
Sleep
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

RegisterDeviceNotificationA
UnregisterDeviceNotification

advapi32

DeleteService
StartServiceCtrlDispatcherA
GetSecurityInfo
CloseServiceHandle
OpenServiceA
RegisterServiceCtrlHandlerExA
CreateServiceA
ControlService
FreeSid
ChangeServiceConfig2A
SetSecurityInfo
OpenSCManagerA
SetServiceStatus
AllocateAndInitializeSid
SetEntriesInAclA
RegOpenKeyExA
RegQueryValueExA
RegNotifyChangeKeyValue
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

842a84547254f9b8db1bf9f5bcf77fca

Headers

File Characteristics

PDB Paths

Imports

wsock32

ws2_32

setupapi

kernel32

user32

advapi32

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 33KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 33KB

.rsrc
Size: 8KB - Virtual size: 5KB