0969d5358c397d1b2c7715326f6d1f5e_JaffaCakes118

General

Target

0969d5358c397d1b2c7715326f6d1f5e_JaffaCakes118
Size

170KB
MD5

0969d5358c397d1b2c7715326f6d1f5e
SHA1

381b8a3091f95bc206b66183284157aca177ac91
SHA256

b4edb4a3806101ff869a932082ff94eb5ac4cd6137fa204adb0767f292b74395
SHA512

87da78fddcfb415bea389872fb49ea826ce8ba029da7713f0eaa563d56a00db2db67356e5059d9f5102af943af5af5ae53dcfaf3a92486ab7a955f80fcd61ce7
SSDEEP

3072:b44XFVkyty3H1kCa/DBmxKul8ywYkQ4261pf:b4QVuHKCa/ZxywYkQNqpf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0969d5358c397d1b2c7715326f6d1f5e_JaffaCakes118

Files

0969d5358c397d1b2c7715326f6d1f5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e447b5a5a60f849ccad0757e1510aa31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

kernel32

AddAtomA
UnhandledExceptionFilter
TlsAlloc
WriteFile
GetSystemTimeAsFileTime
TlsFree
VirtualFree
HeapSize
HeapCreate
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
VirtualQuery
GetSystemInfo
TerminateProcess
EnumResourceLanguagesA
SetHandleCount
VirtualAlloc
SetLastError
FreeEnvironmentStringsA
GetVersionExA
TlsSetValue
SetEndOfFile
GetStartupInfoA
GetOEMCP
HeapDestroy
lstrcpyW
InterlockedExchange
TlsGetValue
GetLocaleInfoA
GetCurrentProcessId
GetCurrentProcess
GetFileType
GetACP
QueryPerformanceCounter
GetCPInfo
GetModuleFileNameA
IsBadWritePtr
SetUnhandledExceptionFilter

user32

GetDlgItem
SendMessageA
CreateWindowExW
DestroyWindow
IsWindow
EnumChildWindows
GetWindowThreadProcessId

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e447b5a5a60f849ccad0757e1510aa31

Headers

File Characteristics

Imports

shell32

kernel32

user32

mprapi

newdev

iphlpapi

setupapi

Sections

.text Size: 91KB - Virtual size: 491KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 491KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB