3ca46f40d191dc769d84f19c8546a429_JaffaCakes118

General

Target

3ca46f40d191dc769d84f19c8546a429_JaffaCakes118
Size

1.9MB
MD5

3ca46f40d191dc769d84f19c8546a429
SHA1

2dce6077c13f4b4771d37e606e8369f3e2a14f0b
SHA256

3fb7640f8da94027c6da3f1259f88c6e4564d2b52c5e61d71d0cbda93d9c7e1d
SHA512

b6549b9763ca09540f35756265aebf07c08e51e37f233959eb944ed0bd7766b3aaede427c719053fd49d228370550614930a6753b5c0747a93a9d5f99ee49ca6
SSDEEP

49152:pbFW+ZBN1ODAVIYtmWlAU9bkh985gNnX7SpJa4g5:pbFW+aDA5mWlA1hkgNnLS3ap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca46f40d191dc769d84f19c8546a429_JaffaCakes118

Files

3ca46f40d191dc769d84f19c8546a429_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d988d9890cc38fef24f4a6dd2056b49b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

kernel32

TlsGetValue
AddAtomA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetACP
GetSystemInfo
GetOEMCP
VirtualQuery
GetVersionExA
TlsFree
HeapSize
GetEnvironmentStrings
GetCurrentProcess
IsBadWritePtr
SetLastError
UnhandledExceptionFilter
EnumResourceLanguagesA
GetCurrentProcessId
HeapDestroy
SetHandleCount
GetFileType
GetLocaleInfoA
GetEnvironmentStringsW
InterlockedExchange
VirtualAlloc
SetEndOfFile
TerminateProcess
GetModuleFileNameA
WriteFile
lstrcpynW
TlsAlloc
GetStdHandle
GetCPInfo
GetStartupInfoA
HeapCreate
VirtualFree
FreeEnvironmentStringsW
QueryPerformanceCounter
TlsSetValue
SetUnhandledExceptionFilter

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

user32

DestroyWindow
GetDlgItem
SendMessageA
CreateWindowExW
EnumChildWindows
IsWindow
GetWindowThreadProcessId

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 989KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 967KB - Virtual size: 967KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d988d9890cc38fef24f4a6dd2056b49b

Headers

File Characteristics

Imports

shell32

kernel32

setupapi

iphlpapi

user32

mprapi

newdev

Sections

.text Size: 989KB - Virtual size: 3.9MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 967KB - Virtual size: 967KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 989KB - Virtual size: 3.9MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 967KB - Virtual size: 967KB

.rsrc
Size: 512B - Virtual size: 4KB