1563c854215a18fbf19157a62466e502_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1563c854215a18fbf19157a62466e502_JaffaCakes118
Size

175KB
MD5

1563c854215a18fbf19157a62466e502
SHA1

09b3afd6f360f8d0d0c4fdb678cfece3a9b5b9e1
SHA256

e16c853af0f08d59ef35eb2cf617bccbfbf06b6643553b024d612b926502ddba
SHA512

05f53dc2f89ecb0929b49fea09605d6a84c80ab8c884cd45693a65184007bb99fa5481e01c421cda6dd51006c6c978c9a88c7e0885a60b4e5ccd8b0699be498d
SSDEEP

3072:E926LUiBJsN5mgULGcDorPPG8Q45fOv6lhq2tQF5HJlZFgSyPIG78Oc:E92TmgULGsTDYfOv67tQF5bZuBPIG7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1563c854215a18fbf19157a62466e502_JaffaCakes118

Files

1563c854215a18fbf19157a62466e502_JaffaCakes118
.dll windows:5 windows x86 arch:x86

7ce4d40a627497a206a0475630388ff3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

tdgie.pdb

Imports

setupapi

SetupOpenLog
SetupLogErrorW
SetupDiSetClassInstallParamsW
SetupDiOpenDevRegKey
SetupDiInstallDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassInstallParamsW
SetupDiCreateDevRegKeyW
SetupCloseLog
CM_Create_Range_List
CMP_UnregisterNotification

kernel32

GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcess
GetWindowsDirectoryW
LocalAlloc
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
lstrcmpiW
lstrcpynW
GetComputerNameW
ExitProcess
DisableThreadLibraryCalls
DeviceIoControl
CreateFileW
CompareStringW
CloseHandle
GetTickCount
lstrlenW

advapi32

OpenServiceW
ChangeServiceConfigW
CloseServiceHandle
StartServiceW
RegSetValueExW
RegSetKeySecurity
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
OpenSCManagerW
CreateServiceW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ControlService
QueryServiceConfigW

gdi32

GetAspectRatioFilterEx
CloseEnhMetaFile

msvcrt

wcscmp
_vsnwprintf
_except_handler3

user32

DialogBoxParamW
EnableWindow
EndDialog
GetDlgItem
GetParent
GetWindowLongW
GetWindowTextW
IsWindowEnabled
LoadStringW
SendMessageW
SetWindowLongW
SetWindowTextW
ShowWindow

shell32

ShellExecuteW
SHExtractIconsW

Exports

Exports

CreateContext
IsDigit
MShutDown
strtrim

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ce4d40a627497a206a0475630388ff3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

kernel32

advapi32

gdi32

msvcrt

user32

shell32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 6KB - Virtual size: 5KB