01231231502d2b3006fb947995828ac6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01231231502d2b3006fb947995828ac6_JaffaCakes118
Size

852KB
MD5

01231231502d2b3006fb947995828ac6
SHA1

53072573adc2fdb1c5bf6da2a0175319b6206bf4
SHA256

bcdaa7d696b7e4597fe2b22e5ba42f40f3e7a5c930a150b063278b59a2c3537c
SHA512

66182fade4dcaaa084e38cc4e01c1b913335e035d397abc77c260221846b5672e266a87f6f997766d8fe2ebd90974002190f260dd3c7d47ef71497ba20609b0b
SSDEEP

12288:kQirnBx/7brgzblEOGSEzUvzblE4wEQRUSEcfv44IdmIK:4nnzg+OP+ac34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01231231502d2b3006fb947995828ac6_JaffaCakes118

Files

01231231502d2b3006fb947995828ac6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2d0c158a8cd4ab727de747f99d64726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\workingdirectory\chpinstalleriif\1.1.05\installer\chipset\release\Setup.pdb

Imports

setupapi

SetupFindNextLine
SetupGetLineTextW
SetupFindFirstLineW
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetINFClassW
SetupGetStringFieldW
SetupDiGetDeviceRegistryPropertyW
SetupCopyOEMInfW
SetupCloseInfFile

shlwapi

PathRelativePathToW
PathFindFileNameW
PathAppendW

kernel32

FindResourceW
SetEvent
CreateEventW
CreateThread
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW
FindClose
FindFirstFileW
GetLocalTime
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetVersionExW
TerminateProcess
OpenProcess
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
GetModuleFileNameW
GetWindowsDirectoryW
DeleteFileW
SetFileAttributesW
CopyFileW
ExitProcess
CreateProcessW
SizeofResource
Sleep
ConvertDefaultLocale
GetSystemDefaultLangID
EnumResourceLanguagesW
WriteFile
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
GetModuleFileNameA
GetStdHandle
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
LoadResource
LockResource
MultiByteToWideChar
CreateFileW
GetFileSize
ReadFile
WaitForSingleObject
SetLastError
CloseHandle
GetLastError
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetLocaleInfoW
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
InterlockedDecrement
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetVersionExA
GetProcessHeap
GetStartupInfoW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId

user32

SetDlgItemTextW
SetWindowTextW
SetFocus
SetWindowPos
GetDlgItem
GetWindowModuleFileNameW
SendDlgItemMessageW
LoadIconW
GetWindowThreadProcessId
DialogBoxParamW
LoadImageW
MapDialogRect
EnableWindow
ShowWindow
EnumWindows
LoadStringW
MessageBoxW
ExitWindowsEx
SendMessageW
EndDialog

gdi32

SetBkMode
GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject
CreateSolidBrush
CreateFontW
SetTextColor

advapi32

RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
CreateServiceW
ChangeServiceConfig2W
StartServiceW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
ControlService
QueryServiceStatus
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
IsTextUnicode

shell32

SHGetFolderPathW
SHCreateDirectoryExW

ole32

OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 560KB - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2d0c158a8cd4ab727de747f99d64726

Headers

File Characteristics

PDB Paths

Imports

setupapi

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

psapi

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 560KB - Virtual size: 557KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 560KB - Virtual size: 557KB