0942b6acec5a9431dff54293a4d3abbc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0942b6acec5a9431dff54293a4d3abbc_JaffaCakes118
Size

101KB
MD5

0942b6acec5a9431dff54293a4d3abbc
SHA1

6480a585050a0e3fda0c5f4578b4eb226c5ac664
SHA256

1b4574597dd2494024e7bcc7c83a912ef2c6fec0ed67d5445dc44b8ef79edf55
SHA512

d7efcd1667b4f53f5576dac250cea046272264e8d9ff1988b2f2ff01075b08524942dc8d9c39dbec1b7a69fe09c8696833eb7ec1501fad300c104955b20be7cb
SSDEEP

1536:ZJu5IEOiXcsEnfw0tkzgn9b3fDJZxLS+uz8ly++OP7cW:ZJ6nt2fD4k9b3PdflyFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0942b6acec5a9431dff54293a4d3abbc_JaffaCakes118

Files

0942b6acec5a9431dff54293a4d3abbc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5ebc87e86a1a877fb5e771dbc0c8293b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msports.pdb

Imports

msvcrt

malloc
_adjust_fdiv
_initterm
free
wcscspn
wcsspn
_itoa
_wcsupr
wcslen
wcsstr
wcscpy
wcscat
_except_handler3
wcschr
wcscmp

setupapi

SetupDiRemoveDevice
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
CM_Reenumerate_DevNode
SetupCloseInfFile
SetupInstallFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupOpenInfFileW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiCreateDevRegKeyW
CM_Free_Log_Conf_Handle
CM_Free_Res_Des_Handle
CM_Get_Res_Des_Data
CM_Get_Next_Res_Des
CM_Get_First_Log_Conf
SetupDiInstallDevice
SetupDiDeleteDeviceInfo
SetupDiBuildDriverInfoList
SetupDiCreateDeviceInfoW
SetupDiOpenDeviceInfoW
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiRegisterDeviceInfo
CM_Query_Resource_Conflict_List
CM_Get_Resource_Conflict_Count
CM_Get_Resource_Conflict_DetailsW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDW
CM_Free_Resource_Conflict_Handle
CM_Locate_DevNodeW
SetupGetLineCountW
SetupGetLineByIndexW
SetupGetFieldCount
SetupGetStringFieldW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
SetupDiGetDeviceInfoListDetailW

user32

CheckRadioButton
CharNextW
SendMessageTimeoutW
wvsprintfW
MessageBoxW
CharPrevW
ShowWindow
DialogBoxParamW
IsDlgButtonChecked
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
wsprintfW
SetDlgItemTextW
GetFocus
SetWindowLongW
EnableWindow
GetWindowLongW
EndDialog
GetParent
SendDlgItemMessageW
WinHelpW
LoadStringW
SendMessageW
GetDlgItem
CheckDlgButton

advapi32

FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegOpenKeyExW
ChangeServiceConfigW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegOpenKeyW
RegNotifyChangeKeyValue
RegDeleteValueW
RegCreateKeyExW
EqualSid

kernel32

UnhandledExceptionFilter
QueryDosDeviceW
CreateFileW
OutputDebugStringA
GetModuleFileNameW
lstrcatW
GetProfileStringW
lstrlenW
WriteProfileStringW
lstrcmpW
GetUserDefaultLCID
GetLocaleInfoW
FreeLibrary
SetLastError
GetCurrentProcess
GetLastError
LocalAlloc
LocalFree
CloseHandle
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
LoadLibraryW
LoadLibraryA
WideCharToMultiByte
lstrcmpiW
DisableThreadLibraryCalls
MultiByteToWideChar
ReleaseMutex
ResetEvent
CreateEventW
WaitForSingleObject
CreateMutexW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
Sleep
lstrcpyW
DefineDosDeviceW
lstrcpynW

ole32

CoCreateInstance

Exports

Exports

ComDBClaimNextFreePort
ComDBClaimPort
ComDBClose
ComDBGetCurrentPortUsage
ComDBOpen
ComDBReleasePort
ComDBResizeDatabase
ParallelPortPropPageProvider
PortsClassInstaller
SerialDisplayAdvancedSettings
SerialPortPropPageProvider

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ebc87e86a1a877fb5e771dbc0c8293b

Headers

File Characteristics

PDB Paths

Imports

msvcrt

setupapi

user32

advapi32

kernel32

ole32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 58KB - Virtual size: 59KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 58KB - Virtual size: 59KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 2KB