Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_3fcd7962dac63e112a23c95f64a7a2e1.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: JaffaCakes118_3fcd7962dac63e112a23c95f64a7a2e1.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_3fcd7962dac63e112a23c95f64a7a2e1
Size: 265KB
MD5: 3fcd7962dac63e112a23c95f64a7a2e1
SHA1: 84f148a3ed9601259f9cf856fb686a0ebcae95f5
SHA256: c23fa65d5d2e8e4f9ba2913e12aea4678b614c158411c488a4299eb8be6e9462
SHA512: 2cdf0be5b2120d338c9c9feee5223d6d32aaec969c3a0ecf446783e4f37687b4adabe05d25625396a200b6e767dd80c50b19277df83cd04b9d78630d964d099a
SSDEEP: 6144:hmfzkaAtV3d2zijKgGf2pV+EL51qpVjFBIvQsP840Y7UDs:ofzfA80K54V+OqpVjFBOQcxq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_3fcd7962dac63e112a23c95f64a7a2e1
Files
JaffaCakes118_3fcd7962dac63e112a23c95f64a7a2e1.exe windows:4 windows x86 arch:x86
7478c4ee53769e276ce9034eac3a1695
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mprapi
MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName
shell32
SHGetFolderPathW
oleacc
LresultFromObject
AccessibleObjectFromPoint
kernel32
IsValidCodePage
HeapDestroy
GetTimeZoneInformation
LeaveCriticalSection
LCMapStringW
GetOEMCP
CompareStringW
SetUnhandledExceptionFilter
HeapFree
GetStringTypeW
HeapCreate
GetLocaleInfoA
HeapReAlloc
SetStdHandle
GetSystemTimeAsFileTime
MultiByteToWideChar
GetTickCount
InitializeCriticalSection
SetEnvironmentVariableA
GetACP
ReadFile
VirtualFree
EnumResourceTypesA
RtlUnwind
FreeLibrary
GetDateFormatA
GetTimeFormatA
UnhandledExceptionFilter
GetConsoleOutputCP
GetCurrentProcessId
CreateMailslotW
IsDebuggerPresent
GetCPInfo
QueryPerformanceCounter
EnterCriticalSection
TerminateProcess
WriteConsoleA
CompareStringA
HeapSize
LoadLibraryA
VirtualAlloc
LCMapStringA
GetCurrentProcess
SetFilePointer
RaiseException
WriteFile
SetEndOfFile
GetStringTypeA
advapi32
GetSecurityDescriptorControl
QueryServiceLockStatusW
RegCloseKey
QueryServiceStatus
GetSecurityInfo
RegSaveKeyW
ChangeServiceConfig2W
RegGetKeySecurity
RegSetValueExW
DeleteService
StartServiceA
RegEnumKeyExW
OpenSCManagerW
LookupAccountSidW
GetAce
RegDeleteKeyW
SetSecurityDescriptorDacl
CreateServiceW
FreeInheritedFromArray
FreeSid
SetNamedSecurityInfoW
RegRestoreKeyW
EqualSid
SetEntriesInAclW
RegQueryValueExW
OpenProcessToken
CloseServiceHandle
IsValidAcl
UnlockServiceDatabase
GetNamedSecurityInfoW
SetSecurityInfo
GetInheritanceSourceW
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RegCreateKeyExW
RegDeleteValueW
QueryServiceConfigW
AdjustTokenPrivileges
ControlService
SetEntriesInAclA
OpenServiceW
GetTokenInformation
ChangeServiceConfigW
RegOpenKeyExW
GetAclInformation
LockServiceDatabase
AddAce
EnumDependentServicesW
AllocateAndInitializeSid
LookupPrivilegeNameA
LookupPrivilegeValueA
LookupPrivilegeDisplayNameA
RegEnumValueW
newdev
UpdateDriverForPlugAndPlayDevicesW
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 203KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ