8982974dbb95c668d9555e97080d9927_JaffaCakes118

General

Target

8982974dbb95c668d9555e97080d9927_JaffaCakes118
Size

1.9MB
MD5

8982974dbb95c668d9555e97080d9927
SHA1

1b9d3218da326cf05e4efb852b568e67919bd56d
SHA256

7cedefda2416c88fffdc170daa02067991e1bf87bc8db8a394e5d132d138746f
SHA512

8e1b9ce443ef0087f703a676b4f23fc593d15ac1cb536edb92b5b033b08d2e9945e91f631a0a59b552887a6e89ebfb9d470e9c34896040784a0b92bb3a35d981
SSDEEP

49152:XBaWGIzYjh4rAhbvW4VUajJN0/SDq5ZIWzm5Ngr7l9n:RfzcheAhy4VTjXG1iWaA7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8982974dbb95c668d9555e97080d9927_JaffaCakes118

Files

8982974dbb95c668d9555e97080d9927_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b0201454b1c6052d6eb6302e7781a66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

GetCPInfo
TlsSetValue
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
AddAtomA
TlsAlloc
GetLocaleInfoA
GetFileType
SetEndOfFile
FreeEnvironmentStringsW
HeapDestroy
HeapSize
GetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
TerminateProcess
GetSystemInfo
IsBadWritePtr
EnumResourceNamesA
SetHandleCount
InterlockedExchange
GetModuleFileNameA
HeapCreate
GetACP
WriteFile
GetVersionExA
lstrcatA
VirtualAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
GetStartupInfoA
SetLastError
GetCurrentProcess
TlsGetValue
GetOEMCP
VirtualQuery
TlsFree
GetEnvironmentStrings
SetUnhandledExceptionFilter

user32

SendMessageA
GetDlgItem
CreateWindowExW
DestroyWindow
IsWindow
EnumChildWindows
GetWindowThreadProcessId

Sections

.text
Size: 932KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1010KB - Virtual size: 1010KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b0201454b1c6052d6eb6302e7781a66

Headers

File Characteristics

Imports

newdev

shell32

iphlpapi

setupapi

mprapi

kernel32

user32

Sections

.text Size: 932KB - Virtual size: 3.9MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1010KB - Virtual size: 1010KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 932KB - Virtual size: 3.9MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1010KB - Virtual size: 1010KB

.rsrc
Size: 512B - Virtual size: 4KB