62ff242f81f5b551d4c62922d37b4956_JaffaCakes118

General

Target

62ff242f81f5b551d4c62922d37b4956_JaffaCakes118
Size

184KB
MD5

62ff242f81f5b551d4c62922d37b4956
SHA1

509a26747aeb7cdd65dd9eb7e2ad1a3a9168bd1c
SHA256

7a1b0e665f071c21a6d60a61bcc6b09e0d636afdbef67448d9aadfec3570ee0d
SHA512

06b1e6dd35e34355e12947d26e909a7a2a16578c3dd0eb614304e405f4543f44ba19b0e5f60d0600e1583b80aef5f1adcb5fe5fb58a762a7225994ffee9c27fa
SSDEEP

3072:pVmr7FMG5ZP7aMRGgaxN4iCdwpFvUnkZp7+Ra1qj/CQEEqTYAd7OBTS5b:Cj7ZsgrirckvaRawjz1AdA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62ff242f81f5b551d4c62922d37b4956_JaffaCakes118

Files

62ff242f81f5b551d4c62922d37b4956_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dcf2ed39bb409e4076e4d6e5286cc01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

StrCmpNIA
StrStrA

kernel32

GetCurrentThread
WideCharToMultiByte
EnterCriticalSection
GetExitCodeThread
IsBadReadPtr
ResetEvent
ReleaseSemaphore
AddAtomW
GetProcessHeap
GetTickCount
VirtualAlloc
FindResourceA
DisableThreadLibraryCalls
IsBadWritePtr
GetLastError
GetThreadPriority
HeapFree
LoadLibraryA
GlobalAlloc
FreeLibrary
QueryPerformanceCounter
SetThreadPriority
WaitForMultipleObjects
EnumResourceLanguagesW
LoadLibraryW
ReleaseMutex
VirtualFree
LeaveCriticalSection
LoadResource
GetModuleFileNameW
GetProcAddress
lstrlenA
GetSystemTime
GetSystemInfo
CreateSemaphoreA
GetGeoInfoW
CreateFileW
GetCurrentThreadId
Sleep
TerminateThread
GetModuleFileNameA
LockResource
InterlockedDecrement
MultiByteToWideChar
InterlockedIncrement
CreateMutexA
GetCurrentProcessId
ExitProcess

Sections

.text
Size: 93KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dcf2ed39bb409e4076e4d6e5286cc01

Headers

File Characteristics

Imports

iphlpapi

shell32

newdev

setupapi

shlwapi

kernel32

Sections

.text Size: 93KB - Virtual size: 236KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 88KB - Virtual size: 87KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 236KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 88KB - Virtual size: 87KB

.rsrc
Size: 512B - Virtual size: 4KB