93ac32e3fec83b7b7a5a01a7b60eb408_JaffaCakes118

General

Target

93ac32e3fec83b7b7a5a01a7b60eb408_JaffaCakes118
Size

163KB
MD5

93ac32e3fec83b7b7a5a01a7b60eb408
SHA1

040b13b208e721db1e995ffe377287e221ac139c
SHA256

e7b9e3e2554e557d247fed5e3d1643f238dbe97957f643e3a1ce11a0040b3da6
SHA512

7b2bcf141f9264cf36759a383c604f392619ea65ec3d2ed328b842e74cacad31c9c735e1d2841305b9c1879d2a79c4909fe21be4f3ebed16ea2e1bfaa6dde668
SSDEEP

3072:Q9ynEt7pcidcKB4Dp0dG5LJdX7BVCDpBNHEZ3BPY7F8k9:SxpcuViWQNJdXv5Bw7F1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93ac32e3fec83b7b7a5a01a7b60eb408_JaffaCakes118

Files

93ac32e3fec83b7b7a5a01a7b60eb408_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8839672d78d661055912e7058b883bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

EnumChildWindows
IsWindow
GetDlgItem
CreateWindowExW
SendMessageA
DestroyWindow
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

HeapSize
AddAtomA
SetHandleCount
TlsAlloc
TlsFree
VirtualAlloc
WriteFile
IsBadWritePtr
VirtualQuery
FreeEnvironmentStringsA
HeapDestroy
SetLastError
GetCPInfo
GetStdHandle
GetACP
GetModuleFileNameA
EnumResourceNamesW
TlsSetValue
TlsGetValue
GetLocaleInfoA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
VirtualFree
GetCurrentProcess
lstrcatW
HeapCreate
UnhandledExceptionFilter
GetFileType
SetEndOfFile
GetCurrentProcessId
InterlockedExchange
GetEnvironmentStrings
TerminateProcess
QueryPerformanceCounter
GetOEMCP
GetVersionExA
GetSystemInfo
GetStartupInfoA
GetEnvironmentStringsW
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

Sections

.text
Size: 84KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8839672d78d661055912e7058b883bb

Headers

File Characteristics

Imports

mprapi

setupapi

user32

newdev

shell32

kernel32

iphlpapi

Sections

.text Size: 84KB - Virtual size: 491KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 491KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB