JaffaCakes118_70a7d9617402b6f535a6968c52cad98a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_70a7d9617402b6f535a6968c52cad98a
Size

179KB
MD5

70a7d9617402b6f535a6968c52cad98a
SHA1

3d345b22752a8ee71a5cc30c032852da6f99a087
SHA256

a4b7f34d146d1aafe9275c39e73b55131dbd3d1cb2025b612aff85b13a1a8e64
SHA512

fc09064f2c8d5e0a7b42ce1fe14deca799df66ef4b57f16545711922a82ef8fc6f87fb59098bc6e5bc7d17a4d2c1ce7462085b3f3ddbd815082cd349b881c054
SSDEEP

3072:JPKGw2PCiOWtD3qTsBih0pCKDuGCI3Byl/hsT4l5iilPI:QGw2PCiOWdlBih0p015iw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_70a7d9617402b6f535a6968c52cad98a

Files

JaffaCakes118_70a7d9617402b6f535a6968c52cad98a
.exe windows:4 windows x86 arch:x86

21d07bafaeb7bd9d488df3176602d5c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

oleacc

LresultFromObject
AccessibleObjectFromPoint

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

GetCPInfo
CompareStringW
HeapFree
SetUnhandledExceptionFilter
RaiseException
HeapReAlloc
GetCurrentProcess
GetCurrentProcessId
LCMapStringW
EnterCriticalSection
RtlUnwind
QueryPerformanceCounter
LCMapStringA
WriteConsoleA
GetTimeFormatA
IsValidCodePage
GetConsoleOutputCP
CompareStringA
HeapSize
GetStringTypeW
UnhandledExceptionFilter
EnumResourceTypesA
VirtualAlloc
SetFilePointer
SetEnvironmentVariableA
GetTickCount
LeaveCriticalSection
ReadFile
WriteFile
SetStdHandle
CreateNamedPipeW
SetEndOfFile
HeapDestroy
GetACP
TerminateProcess
MultiByteToWideChar
GetSystemTimeAsFileTime
IsDebuggerPresent
VirtualFree
HeapCreate
InitializeCriticalSection
GetOEMCP
GetTimeZoneInformation
LoadLibraryA
GetDateFormatA
GetLocaleInfoA
FreeLibrary
GetStringTypeA

advapi32

OpenSCManagerW
GetSecurityDescriptorControl
InitializeAcl
StartServiceA
ControlService
QueryServiceLockStatusW
FreeSid
RegSaveKeyW
AllocateAndInitializeSid
ChangeServiceConfig2W
SetSecurityDescriptorDacl
RegEnumKeyExW
QueryServiceStatus
EnumDependentServicesW
EqualSid
SetNamedSecurityInfoW
LookupPrivilegeValueA
RegQueryValueExW
GetAclInformation
LookupPrivilegeNameA
ChangeServiceConfigW
CreateServiceW
InitializeSecurityDescriptor
CloseServiceHandle
QueryServiceConfigW
GetSecurityInfo
IsValidAcl
UnlockServiceDatabase
SetSecurityInfo
RegCloseKey
RegDeleteValueW
AdjustTokenPrivileges
GetAce
LockServiceDatabase
IsValidSecurityDescriptor
GetInheritanceSourceW
RegDeleteKeyW
SetEntriesInAclW
FreeInheritedFromArray
RegGetKeySecurity
OpenProcessToken
RegSetValueExW
LookupPrivilegeDisplayNameA
GetNamedSecurityInfoW
RegRestoreKeyW
GetTokenInformation
SetEntriesInAclA
AddAce
DeleteService
RegOpenKeyExW
OpenServiceW
RegCreateKeyExW
LookupAccountSidW
RegEnumValueW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21d07bafaeb7bd9d488df3176602d5c7

Headers

File Characteristics

Imports

mprapi

shell32

oleacc

newdev

kernel32

advapi32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 512B - Virtual size: 4KB