8de60ad6dbdd04ccb67e92bdeae56365_JaffaCakes118

General

Target

8de60ad6dbdd04ccb67e92bdeae56365_JaffaCakes118
Size

270KB
MD5

8de60ad6dbdd04ccb67e92bdeae56365
SHA1

cc4748c782bfe2cc2aa3f9c5ce569b407b50a4d6
SHA256

705ccb30ed9f34a850a6ac30f852a5d8b7e05f7604d51862b1846a857f11a896
SHA512

67492b1b6b2664d1b10501223411776e3e17571c478d46908c376549460b72cd316dd381a5020eb559ee381f2362e928ba1cad3bfbccaa387b2a1f78b1b58958
SSDEEP

6144:UtncLzFkPelin5mXTz1/1LW2HsDYa0nDQaxoCvqsiYFMuYHnF:+n2Rkmlin5mjz5oMsDY9ZoCvqsiYrYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8de60ad6dbdd04ccb67e92bdeae56365_JaffaCakes118

Files

8de60ad6dbdd04ccb67e92bdeae56365_JaffaCakes118
.exe windows:4 windows x86 arch:x86

086ab76191f0bf9cba10b3444cc20f74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

user32

SendMessageA
GetDlgItem
IsWindow
DestroyWindow
CreateWindowExW
EnumChildWindows
GetWindowThreadProcessId

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

kernel32

InterlockedExchange
AddAtomA
VirtualQuery
QueryPerformanceCounter
TlsGetValue
GetCurrentProcessId
GetVersionExA
GetStdHandle
GetSystemInfo
GetEnvironmentStringsW
GetModuleFileNameA
TlsAlloc
GetFileType
GetLocaleInfoA
GetStartupInfoA
SetLastError
FreeEnvironmentStringsW
GetCurrentProcess
SetEndOfFile
GetCPInfo
EnumResourceLanguagesA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
VirtualFree
GetACP
IsBadWritePtr
FormatMessageW
HeapCreate
HeapDestroy
WriteFile
VirtualAlloc
GetEnvironmentStrings
TlsSetValue
SetHandleCount
TerminateProcess
TlsFree
HeapSize
UnhandledExceptionFilter
GetOEMCP
SetUnhandledExceptionFilter

Sections

.text
Size: 136KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

086ab76191f0bf9cba10b3444cc20f74

Headers

File Characteristics

Imports

newdev

iphlpapi

user32

setupapi

mprapi

shell32

kernel32

Sections

.text Size: 136KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 130KB - Virtual size: 129KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 130KB - Virtual size: 129KB

.rsrc
Size: 512B - Virtual size: 4KB