6883a151c051f19152ed02fb87c88a77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6883a151c051f19152ed02fb87c88a77_JaffaCakes118
Size

265KB
MD5

6883a151c051f19152ed02fb87c88a77
SHA1

68e5cfe6e332e4bc45beb21b3382b5ac11be8668
SHA256

041c2a7f9cfae812ffe8e364a0cb774d28e0cc0beb616c4d5fdac71e6024b5e9
SHA512

9b0d0ac38ed2254ff5a6839d322be566d6149aa1f837ecbd1c81c1091cbb4649a9970ec1457817f6e3d1eef5350c5a2bc4fbf269d343b14d423e358dfdf969c0
SSDEEP

6144:agEIFuZd9bw6Pk7RcZHiYSflMDDdq33oYSo9Pu:xcZfw7iuflqDdq34Yr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6883a151c051f19152ed02fb87c88a77_JaffaCakes118

Files

6883a151c051f19152ed02fb87c88a77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc1ceac437832da95e9275cbe16aba7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

HeapSize
HeapDestroy
HeapFree
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
CompareStringW
LCMapStringW
IsDebuggerPresent
LoadLibraryA
GetTimeZoneInformation
QueryPerformanceCounter
LeaveCriticalSection
VirtualAlloc
UnhandledExceptionFilter
SetEnvironmentVariableA
GetTimeFormatA
GetCPInfo
LCMapStringA
SetStdHandle
GetStringTypeW
GetCurrentProcessId
GetLocaleInfoA
VirtualFree
EnumResourceTypesA
HeapReAlloc
EnterCriticalSection
FreeLibrary
CompareStringA
RaiseException
GetConsoleOutputCP
CreateMailslotW
WriteConsoleA
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetFilePointer
InitializeCriticalSection
GetDateFormatA
GetSystemTimeAsFileTime
RtlUnwind
SetEndOfFile
GetTickCount
GetACP
HeapCreate
ReadFile
WriteFile
GetStringTypeA

oleacc

LresultFromObject
AccessibleObjectFromPoint

shell32

SHGetFolderPathW

advapi32

GetSecurityInfo
AddAce
SetSecurityInfo
GetAclInformation
OpenSCManagerW
UnlockServiceDatabase
FreeInheritedFromArray
InitializeAcl
QueryServiceLockStatusW
AllocateAndInitializeSid
EqualSid
RegEnumKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
GetInheritanceSourceW
QueryServiceConfigW
LockServiceDatabase
GetTokenInformation
EnumDependentServicesW
LookupPrivilegeNameA
FreeSid
IsValidSecurityDescriptor
CreateServiceW
StartServiceA
OpenProcessToken
CloseServiceHandle
IsValidAcl
RegCloseKey
SetEntriesInAclA
DeleteService
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW
AdjustTokenPrivileges
RegSaveKeyW
LookupPrivilegeValueA
SetNamedSecurityInfoW
GetAce
QueryServiceStatus
OpenServiceW
LookupPrivilegeDisplayNameA
GetSecurityDescriptorControl
ChangeServiceConfig2W
GetNamedSecurityInfoW
RegOpenKeyExW
ChangeServiceConfigW
RegRestoreKeyW
LookupAccountSidW
RegSetValueExW
RegGetKeySecurity
ControlService
RegCreateKeyExW
RegEnumValueW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc1ceac437832da95e9275cbe16aba7c

Headers

File Characteristics

Imports

mprapi

kernel32

oleacc

shell32

advapi32

newdev

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 203KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 203KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB