JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2
Size

178KB
MD5

7954234d238ec0d58f2bdab1900a08c2
SHA1

e84c32ca7d6e8d0e2495e77dd1223a5c33ff6583
SHA256

0a67c215dfb9deb1957afc5c48e7d3b92671a744ad957c84c1d1c6a1251118ee
SHA512

a21820f484e4a8f9c289f0e8563561b52480c1f24db5c2e101ab35fe19b546796043e08597643b68493b59d7249d5e3e1c10f201b7bc13994a7ad45dbe50d9c6
SSDEEP

3072:AxfwhcNwS+YJbuAf8PF8o1IqNaqsoQgZReFv9CMEwWIammbbltlhHQo/uTBz:9GbJbvto1OoQg6uMENXltlVQo/ut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2

Files

JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2
.exe windows:4 windows x86 arch:x86

49735df192ac9c446187fb0f3844e6f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiCreateDeviceInfoA
SetupGetInfFileListA
SetupDiDestroyDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiSetClassInstallParamsW
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstanceIdW
SetupDiSetDeviceRegistryPropertyW
SetupCloseInfFile
SetupCopyOEMInfW
SetupDiBuildClassInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetClassDescriptionW
SetupDiCallClassInstaller
SetupDiGetClassDevsW
SetupOpenInfFileA
SetupDiEnumDeviceInfo
SetupDiClassNameFromGuidW
SetupGetLineTextA
SetupDiGetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoList
SetupDiClassGuidsFromNameW
CM_Get_DevNode_Status

rpcrt4

UuidCreate

user32

SendMessageA
EnumChildWindows
GetDlgItem
DestroyWindow
CreateWindowExW
IsWindow
GetWindowThreadProcessId

ole32

CoGetMalloc
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoInitializeSecurity
CoQueryProxyBlanket
CoCreateInstance
CoSetProxyBlanket
StringFromGUID2

kernel32

SetFilePointer
GetProcAddress
CompareStringW
LCMapStringW
TlsAlloc
GetCalendarInfoW
FileTimeToLocalFileTime
CloseHandle
GetStdHandle
InterlockedDecrement
RaiseException
WriteConsoleA
LoadLibraryExW
SetEndOfFile
GetDateFormatA
FileTimeToSystemTime
GetTickCount
TlsFree
LeaveCriticalSection
GetSystemDirectoryW
GetStringTypeW
VirtualAlloc
GetEnvironmentStrings
GetModuleHandleW
CreateProcessW
SystemTimeToFileTime
ExitProcess
SetEvent
GetCurrentThreadId
LocalAlloc
RtlUnwind
SetUnhandledExceptionFilter
TlsGetValue
GetSystemTime
CreateFileW
GetStartupInfoA
CreateFileA
GetCPInfo
Sleep
ResetEvent
HeapFree
GetTimeFormatA
MultiByteToWideChar
QueryPerformanceCounter
DeleteFileW
SetEnvironmentVariableA
SetLastError
GetExitCodeProcess
SetHandleCount
FreeEnvironmentStringsA
GetCurrentProcessId
EnumResourceNamesA
CreateWaitableTimerA
GetFileType
GetTempPathW
ExpandEnvironmentStringsW
FreeLibrary
GetVersionExA
GetLastError
GetOEMCP
GetConsoleOutputCP
ReadFile
WideCharToMultiByte
GetCurrentProcess
GetModuleHandleA
GetConsoleMode
IsDebuggerPresent
CreateFileMappingA
GetLocaleInfoA
VirtualFree
GetEnvironmentStringsW
GetTimeZoneInformation
TlsSetValue
InterlockedIncrement
GetEnvironmentVariableW
DeviceIoControl
SetFileAttributesW
InitializeCriticalSection
FreeEnvironmentStringsW
GetACP
FlushFileBuffers
InitializeCriticalSection
MapViewOfFile
GetCommandLineA
WriteConsoleW
HeapCreate
HeapDestroy
CreateDirectoryW
IsValidCodePage
GetFileAttributesW
GetSystemTimeAsFileTime
SetStdHandle
HeapReAlloc
CancelWaitableTimer
MoveFileExW
CreateEventA
DeleteCriticalSection
LoadLibraryA
GetVersionExW
GetProcessHeap
LCMapStringA
WriteFile
CopyFileW
UnmapViewOfFile
UnhandledExceptionFilter
HeapSize
LocalFree
CompareStringA
SetWaitableTimer
GetConsoleCP
WaitForSingleObject
CreateThread
HeapAlloc
TerminateProcess
GetModuleFileNameA
EnterCriticalSection
GetStringTypeA

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

advapi32

RegCloseKey
CloseServiceHandle
QueryServiceLockStatusW
SetEntriesInAclW
OpenProcessToken
AllocateAndInitializeSid
RegRestoreKeyW
GetSecurityDescriptorControl
ChangeServiceConfigW
OpenSCManagerW
GetSecurityInfo
RegGetKeySecurity
FreeInheritedFromArray
RegDeleteKeyW
StartServiceA
QueryServiceConfigW
EnumDependentServicesW
IsValidSecurityDescriptor
AdjustTokenPrivileges
ChangeServiceConfig2W
QueryServiceStatus
GetTokenInformation
IsValidAcl
RegSaveKeyW
LookupAccountSidW
CreateServiceW
RegEnumKeyExW
FreeSid
SetNamedSecurityInfoW
RegSetValueExW
LookupPrivilegeNameA
GetInheritanceSourceW
ControlService
SetSecurityInfo
RegCreateKeyExW
RegOpenKeyExW
DeleteService
SetSecurityDescriptorDacl
InitializeAcl
LookupPrivilegeDisplayNameA
RegDeleteValueW
EqualSid
GetAclInformation
InitializeSecurityDescriptor
SetEntriesInAclA
AddAce
LockServiceDatabase
GetAce
RegQueryValueExW
GetNamedSecurityInfoW
UnlockServiceDatabase
OpenServiceW
LookupPrivilegeValueA
RegEnumValueW

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49735df192ac9c446187fb0f3844e6f2

Headers

File Characteristics

Imports

setupapi

rpcrt4

user32

ole32

kernel32

newdev

mprapi

advapi32

iphlpapi

shell32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 76KB - Virtual size: 76KB

.rsrc Size: 1024B - Virtual size: 376KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 1024B - Virtual size: 376KB