e5cca1f9f777554ac3bfa08c0f8c377c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e5cca1f9f777554ac3bfa08c0f8c377c_JaffaCakes118
Size

168KB
MD5

e5cca1f9f777554ac3bfa08c0f8c377c
SHA1

7b9048b91b70fa398dfaac2b9507f802fff3ca10
SHA256

757c9ca1cec418b5e813510613fcc838d815fc374f30e029fb7662450b82d31b
SHA512

3381c0c229f4e1e4bec47b4604f93ca1f73209e6110816384baa25f81cf203b2a4e9d86732087daf592cd6f5c9bb9a7cb4a03f4d83ec3e7a17ac0768b3e38b6b
SSDEEP

3072:73uMOPcsJXFwc66qzNRx0nktB47zisxr08uIY41+VBQQCFWLx5lU55wJTsYfPqIo:aXFwcePYSAY6iBQbFKvM5+Thf4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5cca1f9f777554ac3bfa08c0f8c377c_JaffaCakes118

Files

e5cca1f9f777554ac3bfa08c0f8c377c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07f4ed5cd463c067cb0a97406dcf7179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
SendMessageA
DestroyWindow
EnumChildWindows
GetDlgItem
IsWindow
GetWindowThreadProcessId

setupapi

CMP_WaitNoPendingInstallEvents
SetupCopyOEMInfW
SetupDiClassGuidsFromNameW
SetupDiBuildClassInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiSetClassInstallParamsW
SetupDiGetClassDescriptionW
SetupDiSetDeviceRegistryPropertyW
SetupOpenInfFileA
SetupDiCreateDeviceInfoList
SetupGetLineTextA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupCloseInfFile
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoA
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiDeleteDeviceInfo
SetupGetInfFileListA
CM_Get_DevNode_Status

rpcrt4

UuidCreate

shell32

SHGetFolderPathW

ole32

CoGetMalloc
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
StringFromGUID2

kernel32

MultiByteToWideChar
GetFileType
SetEndOfFile
CompareStringW
CreateFileA
FileTimeToLocalFileTime
GetConsoleOutputCP
GetStartupInfoA
GetModuleHandleA
GetFileAttributesW
GetSystemTime
DeviceIoControl
HeapDestroy
CreateEventA
FreeEnvironmentStringsA
GetCurrentProcessId
GetDateFormatA
GetLastError
CreateFileW
GetOEMCP
SetHandleCount
GetCalendarInfoW
LoadLibraryA
GetModuleFileNameA
DeleteFileW
TerminateProcess
SetLastError
WriteConsoleW
DeleteCriticalSection
LCMapStringW
ExitProcess
CreateDirectoryW
GetSystemDirectoryW
SetUnhandledExceptionFilter
TlsGetValue
CreateFileMappingA
HeapReAlloc
GetModuleHandleW
LocalAlloc
UnmapViewOfFile
FlushFileBuffers
SetFilePointer
RtlUnwind
GetStringTypeW
RaiseException
GetVersionExW
GetConsoleMode
SetFileAttributesW
CreateThread
HeapFree
CreateProcessW
WriteConsoleA
GetEnvironmentStrings
FreeLibrary
TlsAlloc
TlsSetValue
EnterCriticalSection
WaitForSingleObject
GetEnvironmentVariableW
GetCurrentThreadId
GetVersionExA
CreateWaitableTimerA
SetEvent
GetCurrentProcess
SetWaitableTimer
InterlockedIncrement
LoadLibraryExW
CancelWaitableTimer
GetLocaleInfoA
GetTimeZoneInformation
EnumResourceNamesA
GetProcessHeap
InterlockedDecrement
IsValidCodePage
LCMapStringA
InitializeCriticalSection
CloseHandle
GetTimeFormatA
VirtualFree
FileTimeToSystemTime
FreeEnvironmentStringsW
GetCPInfo
GetExitCodeProcess
LeaveCriticalSection
GetProcAddress
VirtualAlloc
QueryPerformanceCounter
GetTempPathW
ExpandEnvironmentStringsW
MapViewOfFile
InitializeCriticalSection
SetEnvironmentVariableA
WriteFile
IsDebuggerPresent
CopyFileW
LocalFree
TlsFree
GetStdHandle
UnhandledExceptionFilter
GetConsoleCP
GetACP
GetCommandLineA
HeapAlloc
ReadFile
GetSystemTimeAsFileTime
WideCharToMultiByte
GetTickCount
HeapSize
MoveFileExW
SystemTimeToFileTime
GetEnvironmentStringsW
CompareStringA
ResetEvent
Sleep
SetStdHandle
HeapCreate
GetStringTypeA

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

advapi32

GetAclInformation
LookupPrivilegeValueA
UnlockServiceDatabase
InitializeAcl
SetEntriesInAclW
QueryServiceLockStatusW
LockServiceDatabase
LookupPrivilegeNameA
GetAce
QueryServiceStatus
OpenProcessToken
RegQueryValueExW
RegDeleteKeyW
EqualSid
RegDeleteValueW
EnumDependentServicesW
ChangeServiceConfigW
GetSecurityInfo
CreateServiceW
RegGetKeySecurity
GetNamedSecurityInfoW
RegOpenKeyExW
DeleteService
RegRestoreKeyW
FreeSid
SetSecurityDescriptorDacl
RegSetValueExW
GetTokenInformation
AddAce
SetEntriesInAclA
SetSecurityInfo
LookupPrivilegeDisplayNameA
AdjustTokenPrivileges
ControlService
OpenSCManagerW
GetSecurityDescriptorControl
QueryServiceConfigW
RegEnumKeyExW
InitializeSecurityDescriptor
GetInheritanceSourceW
AllocateAndInitializeSid
OpenServiceW
LookupAccountSidW
StartServiceA
CloseServiceHandle
IsValidAcl
ChangeServiceConfig2W
FreeInheritedFromArray
RegCloseKey
SetNamedSecurityInfoW
RegSaveKeyW
IsValidSecurityDescriptor
RegCreateKeyExW
RegEnumValueW

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07f4ed5cd463c067cb0a97406dcf7179

Headers

File Characteristics

Imports

iphlpapi

user32

setupapi

rpcrt4

shell32

ole32

kernel32

mprapi

newdev

advapi32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 68KB - Virtual size: 67KB

.rsrc Size: 1024B - Virtual size: 100KB

We care about your privacy.

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 1024B - Virtual size: 100KB