5e7f0e605d753f2b8db67ed335661ba0_JaffaCakes118

General

Target

5e7f0e605d753f2b8db67ed335661ba0_JaffaCakes118
Size

284KB
MD5

5e7f0e605d753f2b8db67ed335661ba0
SHA1

69408986e2ad41907425e54c6eb319e080aa8976
SHA256

d8d27951892d6958efdf68f417f2c290dfe6f59b7d5475e7a1399ba6201ad530
SHA512

cb9b952a394ddf9ec909942eecea424f34c5eb3d132db723d9c362bdcf019c0d409a38d31c4848792e42f1af5cce373e47cb126f3b8c691194361ee93c332fd8
SSDEEP

6144:7qRegcYWesEPUF5Z5C5hvh4tL/k7z2oPS1Ew9cSiyPfg+:TlF57CjuJuX2Ew9xY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7f0e605d753f2b8db67ed335661ba0_JaffaCakes118

Files

5e7f0e605d753f2b8db67ed335661ba0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
AddAtomA
VirtualFree
UnhandledExceptionFilter
GetCurrentProcessId
GetSystemInfo
InterlockedExchange
GetModuleFileNameA
TerminateProcess
VirtualQuery
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
QueryPerformanceCounter
GetStdHandle
GetSystemTimeAsFileTime
EnumResourceLanguagesA
WriteFile
GetLocaleInfoA
TlsAlloc
GetFileType
TlsFree
GetOEMCP
HeapDestroy
HeapCreate
GetStartupInfoA
HeapSize
lstrcpynW
GetCPInfo
GetACP
SetLastError
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
GetVersionExA
GetCurrentProcess
FreeEnvironmentStringsA
IsBadWritePtr
SetUnhandledExceptionFilter

user32

EnumChildWindows
DestroyWindow
CreateWindowExW
SendMessageA
GetDlgItem
IsWindow
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

Imports

kernel32

user32

mprapi

shell32

newdev

iphlpapi

setupapi

Sections

.text Size: 146KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 512B - Virtual size: 4KB