892fcf8f389201c5fdc5160b5890ef06_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

892fcf8f389201c5fdc5160b5890ef06_JaffaCakes118
Size

265KB
MD5

892fcf8f389201c5fdc5160b5890ef06
SHA1

55f9ee83bc8303e2846f84894caf47db0debf4af
SHA256

6628116f31ea0cd6550b8e958d59f381ec4b11bb02a80f581dbe8245a8e692d9
SHA512

b521d0d011219c537411ee2ce184ed6208afed336e0fa928ff79680b57479adcb083b9881604fa130552f2cdc0958f7ae422c14f646084e7a76812403e6ca78e
SSDEEP

6144:DjlEr6enAu/9YPcu3EOsvlOhXiYkFkaoMoV0PYDcWkCWQ71vXcQS:DFenl/9YN3EPOpiYQk4XCVWw1Pc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
892fcf8f389201c5fdc5160b5890ef06_JaffaCakes118

Files

892fcf8f389201c5fdc5160b5890ef06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78eb1a59734d371d283001bcca9734bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

RtlUnwind
LCMapStringA
HeapFree
UnhandledExceptionFilter
HeapReAlloc
CompareStringA
WriteConsoleA
GetCPInfo
WriteFile
GetTickCount
VirtualAlloc
GetLocaleInfoA
GetOEMCP
SetUnhandledExceptionFilter
GetTimeZoneInformation
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
ReadFile
HeapSize
EnterCriticalSection
LoadLibraryA
EnumResourceTypesA
HeapCreate
GetConsoleOutputCP
GetDateFormatA
GetStringTypeW
CompareStringW
GetSystemTimeAsFileTime
InitializeCriticalSection
CreateMailslotW
MultiByteToWideChar
LCMapStringW
SetEnvironmentVariableA
SetEndOfFile
SetFilePointer
VirtualFree
IsValidCodePage
IsDebuggerPresent
GetCurrentProcess
RaiseException
SetStdHandle
TerminateProcess
FreeLibrary
LeaveCriticalSection
GetACP
GetTimeFormatA
GetStringTypeA

advapi32

RegCloseKey
RegRestoreKeyW
RegQueryValueExW
ChangeServiceConfigW
FreeSid
UnlockServiceDatabase
ControlService
RegOpenKeyExW
LockServiceDatabase
QueryServiceStatus
GetSecurityDescriptorControl
SetSecurityInfo
DeleteService
AdjustTokenPrivileges
ChangeServiceConfig2W
LookupAccountSidW
FreeInheritedFromArray
SetEntriesInAclA
AddAce
StartServiceA
OpenSCManagerW
RegCreateKeyExW
SetEntriesInAclW
GetInheritanceSourceW
RegSaveKeyW
InitializeAcl
RegDeleteValueW
QueryServiceConfigW
LookupPrivilegeDisplayNameA
RegDeleteKeyW
SetNamedSecurityInfoW
EqualSid
IsValidAcl
LookupPrivilegeValueA
RegGetKeySecurity
RegSetValueExW
SetSecurityDescriptorDacl
OpenProcessToken
GetTokenInformation
CloseServiceHandle
GetAclInformation
OpenServiceW
InitializeSecurityDescriptor
QueryServiceLockStatusW
GetNamedSecurityInfoW
GetAce
GetSecurityInfo
AllocateAndInitializeSid
EnumDependentServicesW
IsValidSecurityDescriptor
RegEnumKeyExW
LookupPrivilegeNameA
CreateServiceW
RegEnumValueW

oleacc

LresultFromObject
AccessibleObjectFromPoint

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78eb1a59734d371d283001bcca9734bf

Headers

File Characteristics

Imports

mprapi

kernel32

advapi32

oleacc

shell32

newdev

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 203KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 203KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB