JaffaCakes118_35ff99475df5390ef1bca92ac62f81d4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_35ff99475df5390ef1bca92ac62f81d4
Size

265KB
MD5

35ff99475df5390ef1bca92ac62f81d4
SHA1

80c8e48f370177cc86238da29f8a570b996efe99
SHA256

93dca9b5ba98ceee8a0033897de77856e220e2b3d94a61c85b8dbb426de05663
SHA512

53c5e1c5c4b287961148d12905d5cedfa133dda1d24d6a5a57ec73b8071236d34ce5d9fd99de1c8cd76d9af0264c2fe9b6a6d9c759e31e56f8608a13e463423f
SSDEEP

6144:MdB2dmxxxj/NRctuZp6hCG8NQh26Mfs9IOqgOJuNwQELfPPapf:MdB2dmZNGg97QGfs9euNwQEjPPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_35ff99475df5390ef1bca92ac62f81d4

Files

JaffaCakes118_35ff99475df5390ef1bca92ac62f81d4
.exe windows:4 windows x86 arch:x86

ed30ad6b525c9a3917cb1907e89b474b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

advapi32

SetSecurityInfo
RegOpenKeyExW
GetSecurityInfo
RegRestoreKeyW
GetSecurityDescriptorControl
RegGetKeySecurity
GetAclInformation
FreeInheritedFromArray
InitializeSecurityDescriptor
IsValidAcl
StartServiceA
RegEnumKeyExW
DeleteService
SetSecurityDescriptorDacl
RegCreateKeyExW
LookupAccountSidW
RegDeleteKeyW
UnlockServiceDatabase
OpenSCManagerW
GetInheritanceSourceW
InitializeAcl
OpenProcessToken
EnumDependentServicesW
AllocateAndInitializeSid
OpenServiceW
AdjustTokenPrivileges
ChangeServiceConfig2W
LockServiceDatabase
LookupPrivilegeDisplayNameA
RegQueryValueExW
LookupPrivilegeValueA
QueryServiceConfigW
SetNamedSecurityInfoW
SetEntriesInAclA
RegSaveKeyW
GetNamedSecurityInfoW
GetAce
CloseServiceHandle
CreateServiceW
EqualSid
SetEntriesInAclW
LookupPrivilegeNameA
QueryServiceStatus
FreeSid
IsValidSecurityDescriptor
AddAce
ControlService
RegCloseKey
GetTokenInformation
RegSetValueExW
QueryServiceLockStatusW
RegDeleteValueW
ChangeServiceConfigW
RegEnumValueW

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
GetACP
HeapFree
LeaveCriticalSection
HeapCreate
SetEnvironmentVariableA
GetConsoleOutputCP
SetUnhandledExceptionFilter
WriteConsoleA
InitializeCriticalSection
VirtualFree
GetCPInfo
IsDebuggerPresent
GetTimeZoneInformation
TerminateProcess
GetTimeFormatA
EnterCriticalSection
GetStringTypeW
LoadLibraryA
GetTickCount
ReadFile
CompareStringA
EnumResourceTypesA
GetDateFormatA
SetEndOfFile
HeapSize
VirtualAlloc
LCMapStringW
UnhandledExceptionFilter
GetLocaleInfoA
HeapDestroy
MultiByteToWideChar
FreeLibrary
LCMapStringA
CreateNamedPipeA
RtlUnwind
WriteFile
GetCurrentProcessId
SetFilePointer
GetOEMCP
CompareStringW
IsValidCodePage
GetCurrentProcess
HeapReAlloc
SetStdHandle
RaiseException
GetStringTypeA

oleacc

LresultFromObject
AccessibleObjectFromPoint

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed30ad6b525c9a3917cb1907e89b474b

Headers

File Characteristics

Imports

mprapi

advapi32

newdev

shell32

kernel32

oleacc

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 203KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 203KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB