5d4a074af0c4720ecf70fa3f74fc21d1_JaffaCakes118

General

Target

5d4a074af0c4720ecf70fa3f74fc21d1_JaffaCakes118
Size

279KB
MD5

5d4a074af0c4720ecf70fa3f74fc21d1
SHA1

4dccdefc6d1f6118a148181913eab4783876b864
SHA256

0cf79c70a9bf3d8b5d2a8245cab4a943b9aafca28d04871e5ca15c91598e408d
SHA512

f5e1067fee28801b569c4b95105b1a91b678e681512f4fb30076515cbb465bcd27f337894152cc97603d15bfba4ec91553f34164b18576049600ca907488ba11
SSDEEP

6144:7qReIcYWesEPUF5Z5C5hvh4tL/k7z2oPS1Ew9cSiyPfg+D:TdF57CjuJuX2Ew9xY+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d4a074af0c4720ecf70fa3f74fc21d1_JaffaCakes118

Files

5d4a074af0c4720ecf70fa3f74fc21d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
AddAtomA
VirtualFree
UnhandledExceptionFilter
GetCurrentProcessId
GetSystemInfo
InterlockedExchange
GetModuleFileNameA
TerminateProcess
VirtualQuery
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
QueryPerformanceCounter
GetStdHandle
GetSystemTimeAsFileTime
EnumResourceLanguagesA
WriteFile
GetLocaleInfoA
TlsAlloc
GetFileType
TlsFree
GetOEMCP
HeapDestroy
HeapCreate
GetStartupInfoA
HeapSize
lstrcpynW
GetCPInfo
GetACP
SetLastError
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
GetVersionExA
GetCurrentProcess
FreeEnvironmentStringsA
IsBadWritePtr
SetUnhandledExceptionFilter

user32

EnumChildWindows
DestroyWindow
CreateWindowExW
SendMessageA
GetDlgItem
IsWindow
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

Imports

kernel32

user32

mprapi

shell32

newdev

iphlpapi

setupapi

Sections

.text Size: 146KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 512B - Virtual size: 4KB