JaffaCakes118_abf0ec93f206d7b215f7b3d6f68fe1f5

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_abf0ec93f206d7b215f7b3d6f68fe1f5
Size

207KB
MD5

abf0ec93f206d7b215f7b3d6f68fe1f5
SHA1

19d60e9b6cac841eaff4c4b8a98faa89f20929a4
SHA256

4d54eef01bc3accd66f74a458ad3d1ea55a00678174121677466c27c15692811
SHA512

4cdcb62285983d968bbdb3c8f6d077ba807a7d75092db60f18fec785d2d7a9f6818f6921f303f9cbdeaf372d7af04f67116d3efe8b19e7d3f31d935a14e193ea
SSDEEP

6144:HXyNYcXMbt2ohgdqNgxiQFhsGIyQ4IUfO4:HCNfcb3hgd8miAFxIUfO4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_abf0ec93f206d7b215f7b3d6f68fe1f5

Files

JaffaCakes118_abf0ec93f206d7b215f7b3d6f68fe1f5
.exe windows:4 windows x86 arch:x86

8123bb5febaa88b029d6dc67a85da41a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiCallClassInstaller
SetupDiDeleteDeviceInfo
SetupDiSetDeviceRegistryPropertyW
SetupGetLineTextA
SetupCloseInfFile
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstanceIdW
SetupDiSetClassInstallParamsW
SetupDiEnumDeviceInfo
SetupOpenInfFileA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiBuildClassInfoList
SetupDiClassGuidsFromNameW
SetupDiGetClassDescriptionW
SetupDiCreateDeviceInfoA
SetupCopyOEMInfW
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
SetupGetInfFileListA
SetupDiCreateDeviceInfoList
SetupDiClassNameFromGuidW
CM_Get_DevNode_Status

ole32

CoGetMalloc
CoUninitialize
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
StringFromGUID2

advapi32

OpenProcessToken
RegCreateKeyExW
OpenServiceW
LookupAccountSidW
RegQueryValueExW
IsValidAcl
GetNamedSecurityInfoW
LookupPrivilegeDisplayNameA
RegEnumKeyExW
GetInheritanceSourceW
ChangeServiceConfigW
InitializeAcl
ControlService
RegCloseKey
RegSetValueExW
SetEntriesInAclA
SetSecurityInfo
SetNamedSecurityInfoW
LookupPrivilegeValueA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetTokenInformation
GetAce
OpenSCManagerW
RegOpenKeyExW
ChangeServiceConfig2W
SetSecurityDescriptorDacl
AddAce
FreeSid
AdjustTokenPrivileges
FreeInheritedFromArray
LockServiceDatabase
SetEntriesInAclW
IsValidSecurityDescriptor
EnumDependentServicesW
LookupPrivilegeNameA
QueryServiceStatus
DeleteService
QueryServiceConfigW
StartServiceA
QueryServiceLockStatusW
UnlockServiceDatabase
RegGetKeySecurity
CloseServiceHandle
GetSecurityDescriptorControl
RegRestoreKeyW
RegSaveKeyW
CreateServiceW
EqualSid
GetSecurityInfo
RegDeleteKeyW
GetAclInformation
RegDeleteValueW
RegEnumValueW

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

GetDlgItem
SendMessageA
EnumChildWindows
IsWindow
DestroyWindow
CreateWindowExW
GetWindowThreadProcessId

shell32

SHGetFolderPathW

kernel32

DeviceIoControl
GetProcAddress
GetCalendarInfoW
IsValidCodePage
SystemTimeToFileTime
UnhandledExceptionFilter
TlsFree
CreateDirectoryW
GetTimeZoneInformation
DeleteCriticalSection
WriteConsoleW
ExitProcess
TlsSetValue
GetFileType
ReadFile
MapViewOfFile
CreateEventA
CreateThread
GetACP
GetLastError
WaitForSingleObject
GetDateFormatA
GetEnvironmentVariableW
FileTimeToSystemTime
GetStringTypeW
FreeEnvironmentStringsA
GetModuleHandleW
CreateFileA
FileTimeToLocalFileTime
GetSystemDirectoryW
UnmapViewOfFile
SetEvent
IsDebuggerPresent
HeapDestroy
HeapReAlloc
SetFilePointer
GetTempPathW
DeleteFileW
GetStdHandle
InitializeCriticalSection
GetSystemTime
VirtualAlloc
InterlockedIncrement
SetWaitableTimer
InterlockedDecrement
CompareStringA
HeapSize
SetHandleCount
TlsGetValue
EnumResourceNamesA
MultiByteToWideChar
Sleep
LoadLibraryExW
CancelWaitableTimer
WriteFile
TlsAlloc
GetCurrentThreadId
HeapAlloc
HeapCreate
CreateProcessW
GetSystemTimeAsFileTime
MoveFileExW
LeaveCriticalSection
TerminateProcess
HeapFree
GetConsoleOutputCP
GetLocaleInfoA
GetTimeFormatA
CloseHandle
WideCharToMultiByte
SetLastError
FreeEnvironmentStringsW
LocalAlloc
SetStdHandle
ResetEvent
GetExitCodeProcess
GetVersionExW
SetEndOfFile
QueryPerformanceCounter
LCMapStringA
GetCPInfo
LCMapStringW
RaiseException
GetCommandLineA
GetCurrentProcessId
CreateFileW
InitializeCriticalSection
CopyFileW
LoadLibraryA
GetProcessHeap
GetEnvironmentStrings
GetOEMCP
GetCurrentProcess
RtlUnwind
GetConsoleMode
EnterCriticalSection
GetFileAttributesW
SetEnvironmentVariableA
FreeLibrary
GetEnvironmentStringsW
WriteConsoleA
GetConsoleCP
GetTickCount
VirtualFree
LocalFree
CreateFileMappingA
FlushFileBuffers
GetModuleHandleA
GetStartupInfoA
CreateWaitableTimerA
GetVersionExA
GetModuleFileNameA
SetUnhandledExceptionFilter
CompareStringW
ExpandEnvironmentStringsW
SetFileAttributesW
GetStringTypeA

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

rpcrt4

UuidCreate

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8123bb5febaa88b029d6dc67a85da41a

Headers

File Characteristics

Imports

setupapi

ole32

advapi32

newdev

user32

shell32

kernel32

mprapi

iphlpapi

rpcrt4

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 92KB - Virtual size: 91KB

.rsrc Size: 1024B - Virtual size: 96KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 1024B - Virtual size: 96KB