73746f8429cf4a893657013f85865c0d_JaffaCakes118

General

Target

73746f8429cf4a893657013f85865c0d_JaffaCakes118
Size

186KB
MD5

73746f8429cf4a893657013f85865c0d
SHA1

ddcb29ecca6a888b17fb2133c9cd0b1eee679661
SHA256

fb62d14408fefdc3bbe4aa2a8ce3063aedc1621ea6d9b6f2ee100e97589be54c
SHA512

176fa688c9d611110e373ea69f849fed0c42400f37ada78f68177cfb95fcce7c27d695f8edb6a2156361c77ff80fc317f9c5157d5b6bafede0b5d61320b3e767
SSDEEP

3072:CubrwF8k+yUTOi0I/2Z+XfJJrExt+mJVBA9Ncm3WJWWbRh0cNGiBAVx+:Cubrk8k+yUTOZZAOWGm3Wxb0zA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73746f8429cf4a893657013f85865c0d_JaffaCakes118

Files

73746f8429cf4a893657013f85865c0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d734bb80ed1b3d46de1af30e93d4efa5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
TerminateProcess
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
AddAtomA
GetLocaleInfoA
GetStartupInfoA
TlsSetValue
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
GetStdHandle
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
InterlockedExchange
GetEnvironmentStringsW
EnumResourceLanguagesA
QueryPerformanceCounter
VirtualQuery
WriteFile
GetACP
SetHandleCount
GetCPInfo
VirtualFree
GetVersionExA
lstrcpynW
GetCurrentProcess
GetSystemInfo
TlsGetValue
GetCurrentProcessId
GetOEMCP
TlsAlloc
TlsFree
HeapSize
GetFileType
SetEndOfFile
HeapDestroy
GetModuleFileNameA
SetUnhandledExceptionFilter

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

SendMessageA
CreateWindowExW
EnumChildWindows
DestroyWindow
GetDlgItem
IsWindow
GetWindowThreadProcessId

shell32

SHGetFolderPathW

Sections

.text
Size: 98KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d734bb80ed1b3d46de1af30e93d4efa5

Headers

File Characteristics

Imports

kernel32

mprapi

iphlpapi

newdev

setupapi

user32

shell32

Sections

.text Size: 98KB - Virtual size: 237KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 237KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 512B - Virtual size: 4KB