Overview

overview

8

Static

static

3

WindowsReg...er.exe

windows7-x64

3

WindowsReg...er.exe

windows10-2004-x64

3

WindowsReg...ing.py

windows7-x64

3

WindowsReg...ing.py

windows10-2004-x64

3

WindowsReg...2c.exe

windows7-x64

1

WindowsReg...2c.exe

windows10-2004-x64

3

WindowsReg...ld.bat

windows7-x64

1

WindowsReg...ld.bat

windows10-2004-x64

3

WindowsReg...ug.dll

windows7-x64

8

WindowsReg...ug.dll

windows10-2004-x64

8

WindowsReg...ld.bat

windows7-x64

1

WindowsReg...ld.bat

windows10-2004-x64

3

WindowsReg...ug.dll

windows7-x64

3

WindowsReg...ug.dll

windows10-2004-x64

3

WindowsReg...er.vbs

windows7-x64

1

WindowsReg...er.vbs

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    bec253195a90bfa106557bed3d41f4f5_JaffaCakes118

  • Size

    995KB

  • MD5

    bec253195a90bfa106557bed3d41f4f5

  • SHA1

    6fd8015888acf3945450a74e6d6c34f8f11ec187

  • SHA256

    75a233bfc6dcbaf7ee176d01e598b04a56a2542b548cf7d6d250f14fe87f9b68

  • SHA512

    dd6adbb25ea82501c1d68c618e608386f215b132d98ba8d00364f6e9ffc2ecfd3c4dbe711023d17604de94df5928b57183e0b32dcde079e2cc283a6f03dc5c4f

  • SSDEEP

    24576:LwAOJ6/L/WKz9ssAFb7B+FCkXgDtjO9jhuOmB1qiZ+B1gMNgo8e:cAO2jWK6JIzKpOeOmB1zZ+H8e

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • bec253195a90bfa106557bed3d41f4f5_JaffaCakes118
    .zip
  • WindowsRegistryRootkit-master/README.md
  • WindowsRegistryRootkit-master/bin/rootkit_installer.exe
    .exe windows:5 windows x86 arch:x86

    f3d7e0ef0ea093f772ccaceb0277aaa6


    Headers

    Imports

    Sections

  • WindowsRegistryRootkit-master/bin/rootkit_installer.pdb
  • WindowsRegistryRootkit-master/bin/rootkit_ping.py
  • WindowsRegistryRootkit-master/src/bin2c.exe
    .exe windows:4 windows x86 arch:x86

    2a33fb8d31a91297a450bbc15f58a2a1


    Headers

    Imports

    Sections

  • WindowsRegistryRootkit-master/src/common/catchy32.h
  • WindowsRegistryRootkit-master/src/common/catchy32.lib
  • WindowsRegistryRootkit-master/src/common/common.h
  • WindowsRegistryRootkit-master/src/common/debug.cpp
  • WindowsRegistryRootkit-master/src/common/debug.h
  • WindowsRegistryRootkit-master/src/common/ntdll_defs.h
  • WindowsRegistryRootkit-master/src/common/shellcode2_struct.h
  • WindowsRegistryRootkit-master/src/common/undocnt.h
  • WindowsRegistryRootkit-master/src/includes/meterpreter_debug.dll.h
  • WindowsRegistryRootkit-master/src/includes/rootkit_driver_debug.sys.h
  • WindowsRegistryRootkit-master/src/meterpreter/dllmain.cpp
  • WindowsRegistryRootkit-master/src/meterpreter/meterpreter.cpp
  • WindowsRegistryRootkit-master/src/meterpreter/meterpreter.def
  • WindowsRegistryRootkit-master/src/meterpreter/meterpreter.vcproj
    .xml
  • WindowsRegistryRootkit-master/src/meterpreter/post_build.bat
  • WindowsRegistryRootkit-master/src/meterpreter/stdafx.cpp
  • WindowsRegistryRootkit-master/src/meterpreter/stdafx.h
  • WindowsRegistryRootkit-master/src/meterpreter/targetver.h
  • WindowsRegistryRootkit-master/src/meterpreter_bind_tcp.h
  • WindowsRegistryRootkit-master/src/meterpreter_config.h
  • WindowsRegistryRootkit-master/src/meterpreter_debug.dll
    .dll windows:5 windows x86 arch:x86

    b863e7213e63b1c9bb328ae8ceb05038


    Headers

    Imports

    Exports

    Sections

  • WindowsRegistryRootkit-master/src/meterpreter_debug.pdb
  • WindowsRegistryRootkit-master/src/rootkit.sln
  • WindowsRegistryRootkit-master/src/rootkit_driver/bogusproto.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/bogusproto.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/debug.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/dll_inject.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/dll_inject.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/dll_inject_shellcode.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/ndis_hook.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/ndis_hook.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/network.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/network.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/post_build.bat
  • WindowsRegistryRootkit-master/src/rootkit_driver/rootkit_driver.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/rootkit_driver.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/rootkit_driver.vcproj
    .xml
  • WindowsRegistryRootkit-master/src/rootkit_driver/runtime.cpp
  • WindowsRegistryRootkit-master/src/rootkit_driver/runtime.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/stdafx.h
  • WindowsRegistryRootkit-master/src/rootkit_driver/undocnt.h
  • WindowsRegistryRootkit-master/src/rootkit_driver_config.h
  • WindowsRegistryRootkit-master/src/rootkit_driver_debug.pdb
  • WindowsRegistryRootkit-master/src/rootkit_driver_debug.sys
    .dll windows:5 windows x86 arch:x86

    89f4609abda96f05db7ec5f56a2a9c4b


    Headers

    Imports

    Sections

  • WindowsRegistryRootkit-master/src/rootkit_installer/rootkit_installer.cpp
    .vbs
  • WindowsRegistryRootkit-master/src/rootkit_installer/rootkit_installer.vcproj
    .xml
  • WindowsRegistryRootkit-master/src/rootkit_installer/stdafx.cpp
  • WindowsRegistryRootkit-master/src/rootkit_installer/stdafx.h
  • WindowsRegistryRootkit-master/src/rootkit_installer/targetver.h