703575ea4de4aa7511f7935933eb5a43_JaffaCakes118

General

Target

703575ea4de4aa7511f7935933eb5a43_JaffaCakes118
Size

186KB
MD5

703575ea4de4aa7511f7935933eb5a43
SHA1

40cb48397fb2ec459b81491a37e2dd0282b43b73
SHA256

eb6210a58e8f38be0ed77e21c60223f2862e968f0ba79f733bacf4052929606f
SHA512

bbc15d8a741364c302aa66e29ce3643573370ffccab99211fda1d09ca6a95020dfef3a17de617b917903bac227cc0bef95f118ee6c544c43a55542aca9410f20
SSDEEP

3072:nGaaMnLvUDq7WI4piDFy1mjnaoNqsbf3etwwBTtpwteGqASZi0eobEpq8b2NFFms:nGaLLv8qv4kDFy14aoNqsb2twmpwtejB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
703575ea4de4aa7511f7935933eb5a43_JaffaCakes118

Files

703575ea4de4aa7511f7935933eb5a43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2b0bc58ef8b68f4c69f9f3f9706df1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

GetDlgItem
DestroyWindow
EnumChildWindows
SendMessageA
IsWindow
CreateWindowExW
GetWindowThreadProcessId

kernel32

TerminateProcess
SetLastError
GetCPInfo
VirtualQuery
GetEnvironmentStrings
AddAtomA
InterlockedExchange
TlsFree
GetStdHandle
GetFileType
GetOEMCP
SetHandleCount
GetCurrentProcess
GetEnvironmentStringsW
FreeEnvironmentStringsA
WriteFile
EnumResourceLanguagesA
GetLocaleInfoA
SetEndOfFile
IsBadWritePtr
HeapSize
GetVersionExA
TlsAlloc
FormatMessageW
TlsGetValue
GetACP
GetCurrentProcessId
HeapCreate
HeapDestroy
TlsSetValue
GetSystemInfo
QueryPerformanceCounter
GetStartupInfoA
VirtualAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
VirtualFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

Sections

.text
Size: 97KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2b0bc58ef8b68f4c69f9f3f9706df1f

Headers

File Characteristics

Imports

setupapi

user32

kernel32

shell32

newdev

mprapi

iphlpapi

Sections

.text Size: 97KB - Virtual size: 236KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 236KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB