188b7e3f1e85e0e6992c458908e4f791_JaffaCakes118

General

Target

188b7e3f1e85e0e6992c458908e4f791_JaffaCakes118
Size

176KB
MD5

188b7e3f1e85e0e6992c458908e4f791
SHA1

479b987ffa8dce1eb104570043ed01db72be7a2b
SHA256

754592d5401ac3ea9c726d214093d528cf426b5b0d96d2b99596fcbb16a2e5b9
SHA512

7b372ddc6dd47787d05fca3caa9427cd74b2f0a207d5b217e193c686135741b077d19c599ec5f59c7a4ee00d2fb5acca4dcd0af50659876d5cebb7a36ef06f09
SSDEEP

3072:MI6Q+wID0bsjRq9WS1dTjdn5NeRsQS0KP67DVHjCcbsjsZ:sQEDr5SbjnMSXWVOcbEE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
188b7e3f1e85e0e6992c458908e4f791_JaffaCakes118

Files

188b7e3f1e85e0e6992c458908e4f791_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7763dbc6239ede429b7c66a1123d8bae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
FindFirstFileW
GetAtomNameW
FindClose
WaitForSingleObject
GetProcAddress
LoadLibraryExW
WritePrivateProfileStringW
WriteFile
MulDiv
GlobalAlloc
EnumResourceNamesW
GetWindowsDirectoryW
FindNextFileW
MultiByteToWideChar
FreeLibrary
WaitCommEvent
DeleteFileW
ReadFile
GetExitCodeProcess
GetModuleHandleW
SetFilePointer
GlobalFree

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

setupapi

SetupDiClassNameFromGuidW
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiClassGuidsFromNameW
SetupDiGetClassDevsA
SetupOpenInfFileA
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiBuildClassInfoList
CMP_WaitNoPendingInstallEvents
SetupGetInfFileListA
SetupGetLineTextA
SetupDiGetClassDescriptionW
SetupCloseInfFile
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupCopyOEMInfW
SetupDiDeleteDeviceInfo
SetupDiGetDeviceInstallParamsA
SetupDiCreateDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

rpcrt4

NdrConformantArrayFree
UuidCreate

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7763dbc6239ede429b7c66a1123d8bae

Headers

File Characteristics

Imports

kernel32

mprapi

setupapi

rpcrt4

newdev

iphlpapi

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.reloc Size: 1024B - Virtual size: 120KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.reloc
Size: 1024B - Virtual size: 120KB