Static task: static1
Behavioral task: behavioral1
Sample: fc8d6bfcb4115e9c741058fc5c7ebb92_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fc8d6bfcb4115e9c741058fc5c7ebb92_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fc8d6bfcb4115e9c741058fc5c7ebb92_JaffaCakes118
Size: 266KB
MD5: fc8d6bfcb4115e9c741058fc5c7ebb92
SHA1: 483fce2ca40e086035ef3b283aa62530c4956b2e
SHA256: 515b7d7a5cab355f22ae07274882025435acf0c8c134eed3882420a88386e44a
SHA512: 6a423854aea29dc75362f9640a4b4cd743d8eddede7c0726a9df9736da27956f3df1464cb5cdd22c31db307f20aa6c2d502081e142f5ce055613c8cc3b236760
SSDEEP: 6144:y6Nd1IKMXEqTjBUc600u5eGXEBYB6hkw+Dp9mIBPDAVu1kc5:1Nd1IVEqfDs6eGXEBzn+99aVuL5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc8d6bfcb4115e9c741058fc5c7ebb92_JaffaCakes118
Files
fc8d6bfcb4115e9c741058fc5c7ebb92_JaffaCakes118.exe windows:4 windows x86 arch:x86
2cb37c11c21dd2d09d55f332b82a6ae4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mprapi
MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
GetTimeFormatA
CompareStringA
SetStdHandle
GetACP
SetEndOfFile
WriteFile
QueryPerformanceCounter
HeapReAlloc
HeapFree
ReadFile
HeapCreate
LoadLibraryA
FreeLibrary
VirtualAlloc
GetOEMCP
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetSystemTimeAsFileTime
VirtualFree
GetCurrentProcessId
SetEnvironmentVariableA
EnterCriticalSection
InitializeCriticalSection
GetTickCount
GetCurrentProcess
EnumResourceTypesA
HeapDestroy
HeapSize
CompareStringW
CreateNamedPipeA
IsValidCodePage
GetDateFormatA
MultiByteToWideChar
LCMapStringW
LCMapStringA
IsDebuggerPresent
GetStringTypeW
SetFilePointer
GetTimeZoneInformation
GetLocaleInfoA
LeaveCriticalSection
RaiseException
GetConsoleOutputCP
WriteConsoleA
GetStringTypeA
advapi32
ChangeServiceConfigW
OpenSCManagerW
IsValidAcl
GetNamedSecurityInfoW
DeleteService
SetSecurityDescriptorDacl
GetAclInformation
EqualSid
RegSaveKeyW
InitializeSecurityDescriptor
RegCloseKey
IsValidSecurityDescriptor
SetNamedSecurityInfoW
CreateServiceW
AllocateAndInitializeSid
RegSetValueExW
UnlockServiceDatabase
ChangeServiceConfig2W
GetSecurityDescriptorControl
RegGetKeySecurity
RegQueryValueExW
QueryServiceStatus
RegDeleteKeyW
RegEnumKeyExW
ControlService
EnumDependentServicesW
RegRestoreKeyW
InitializeAcl
LockServiceDatabase
LookupPrivilegeNameA
FreeSid
OpenProcessToken
GetInheritanceSourceW
AdjustTokenPrivileges
SetEntriesInAclA
QueryServiceLockStatusW
LookupAccountSidW
FreeInheritedFromArray
SetSecurityInfo
SetEntriesInAclW
GetTokenInformation
RegCreateKeyExW
QueryServiceConfigW
OpenServiceW
GetAce
AddAce
LookupPrivilegeDisplayNameA
LookupPrivilegeValueA
RegOpenKeyExW
StartServiceA
RegDeleteValueW
GetSecurityInfo
CloseServiceHandle
RegEnumValueW
shell32
SHGetFolderPathW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 197KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ