JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821
Size

180KB
MD5

9f993c22b1d577ae0dd42ffc6d30d821
SHA1

ea81a06adc46bc7d942c07a0d0c8633a5393d186
SHA256

951677e5e060889594c56b7796165c3557face45c6dc2fb1b065b780ee6852bb
SHA512

ba3c6c1391100700c1ac80f716b2608b1847232e568aa18320a49044aa6729cf4a245e875ce2026801255146fe6339b111d6be3a4b1eddb5b4c47dc9965a88ba
SSDEEP

3072:vUi3JJZz3ATLiL45Z8JeEQh8scgSYwjQj2uJh0yr/sX7:8iBjATLiL45Zph8sLp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821

Files

JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821
.exe windows:4 windows x86 arch:x86

9fb28fbbd0e1c16dcecbbe2bedfab210

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegRestoreKeyW
QueryServiceStatus
RegSetValueExW
FreeSid
OpenSCManagerW
RegQueryValueExW
ChangeServiceConfig2W
SetEntriesInAclA
EnumDependentServicesW
AdjustTokenPrivileges
LookupAccountSidW
InitializeSecurityDescriptor
EqualSid
AddAce
StartServiceA
GetSecurityDescriptorControl
AllocateAndInitializeSid
CreateServiceW
GetAce
UnlockServiceDatabase
RegCreateKeyExW
RegSaveKeyW
RegCloseKey
GetSecurityInfo
RegEnumKeyExW
OpenProcessToken
RegDeleteKeyW
RegGetKeySecurity
SetSecurityDescriptorDacl
GetAclInformation
FreeInheritedFromArray
GetNamedSecurityInfoW
InitializeAcl
LookupPrivilegeDisplayNameA
LookupPrivilegeNameA
CloseServiceHandle
RegDeleteValueW
RegOpenKeyExW
DeleteService
SetSecurityInfo
LockServiceDatabase
OpenServiceW
ChangeServiceConfigW
QueryServiceConfigW
ControlService
GetInheritanceSourceW
SetNamedSecurityInfoW
IsValidAcl
SetEntriesInAclW
IsValidSecurityDescriptor
LookupPrivilegeValueA
GetTokenInformation
QueryServiceLockStatusW
RegEnumValueW

shell32

SHGetFolderPathW

kernel32

GetCalendarInfoW
DeleteFileW
HeapFree
GetEnvironmentStrings
GetTimeZoneInformation
VirtualFree
LCMapStringW
SetEnvironmentVariableA
GetStringTypeW
CreateFileMappingA
FreeEnvironmentStringsA
IsDebuggerPresent
SetWaitableTimer
GetVersionExW
TlsSetValue
GetStartupInfoA
GetSystemTime
LeaveCriticalSection
DeviceIoControl
FileTimeToSystemTime
SetFileAttributesW
HeapReAlloc
GetDateFormatA
CreateFileW
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
HeapCreate
TlsFree
RtlUnwind
QueryPerformanceCounter
CreateThread
GetModuleHandleA
ResetEvent
GetCPInfo
CloseHandle
SetUnhandledExceptionFilter
InterlockedIncrement
GetCurrentThreadId
CreateWaitableTimerA
GetOEMCP
CompareStringA
GetConsoleOutputCP
LoadLibraryExW
GetExitCodeProcess
InitializeCriticalSection
GetCommandLineA
VirtualAlloc
GetSystemDirectoryW
CreateProcessW
GetProcessHeap
ExpandEnvironmentStringsW
GetTimeFormatA
GetFileAttributesW
UnhandledExceptionFilter
GetModuleFileNameA
EnumResourceNamesA
GetCurrentProcessId
SetEvent
WaitForSingleObject
LocalFree
CreateDirectoryW
IsValidCodePage
ExitProcess
SetStdHandle
DeleteCriticalSection
GetTickCount
UnmapViewOfFile
InterlockedDecrement
HeapDestroy
CopyFileW
LocalAlloc
CreateFileA
WideCharToMultiByte
FlushFileBuffers
RaiseException
FreeLibrary
TlsGetValue
MapViewOfFile
GetTempPathW
Sleep
GetACP
LCMapStringA
TerminateProcess
GetVersionExA
CreateEventA
InitializeCriticalSection
SetEndOfFile
SetLastError
GetLastError
GetModuleHandleW
GetEnvironmentVariableW
HeapAlloc
MultiByteToWideChar
SystemTimeToFileTime
GetConsoleCP
GetCurrentProcess
HeapSize
GetFileType
TlsAlloc
FreeEnvironmentStringsW
GetStdHandle
WriteConsoleA
WriteFile
LoadLibraryA
CompareStringW
GetConsoleMode
SetFilePointer
WriteConsoleW
SetHandleCount
GetLocaleInfoA
MoveFileExW
EnterCriticalSection
CancelWaitableTimer
GetProcAddress
ReadFile
GetStringTypeA

iphlpapi

GetIpAddrTable

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiGetClassDevsW
SetupDiSetClassInstallParamsW
SetupOpenInfFileA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
CMP_WaitNoPendingInstallEvents
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoA
SetupDiBuildClassInfoList
SetupDiCallClassInstaller
SetupGetInfFileListA
SetupDiGetDeviceInstanceIdW
SetupCloseInfFile
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDescriptionW
SetupDiClassNameFromGuidW
SetupDiClassGuidsFromNameW
SetupCopyOEMInfW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupGetLineTextA
SetupDiDeleteDeviceInfo
CM_Get_DevNode_Status

ole32

CoGetMalloc
CoUninitialize
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
StringFromGUID2

rpcrt4

UuidCreate

user32

EnumChildWindows
SendMessageA
DestroyWindow
CreateWindowExW
IsWindow
GetDlgItem
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fb28fbbd0e1c16dcecbbe2bedfab210

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

iphlpapi

mprapi

setupapi

ole32

rpcrt4

user32

newdev

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 78KB - Virtual size: 77KB

.rsrc Size: 1024B - Virtual size: 252KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 1024B - Virtual size: 252KB