a0e951ef4a4306dfc0f157aaeaebe552_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0e951ef4a4306dfc0f157aaeaebe552_JaffaCakes118
Size

279KB
MD5

a0e951ef4a4306dfc0f157aaeaebe552
SHA1

ce5fe23c184151b7f66fd723cf99e1a02c1612a4
SHA256

f6076b91a830569c56d9f3af549b3800e7762aa17033438e764e6e17ade7c7eb
SHA512

cb04d49be78514c67446e77f14134df7b2ddf51a4654e2181c23c027f02cb27e82874dc32a7c1a9f9ee3af8bce9cb8af4b239749c03908e406bbd592e2fe3628
SSDEEP

6144:YD32ophYFEjNI3xaiUDF+wMHMbeYqdG0gaVPASgRBd8sHx/UHioFm:YDth3qBai084ejG0gaWVBd1x8fm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0e951ef4a4306dfc0f157aaeaebe552_JaffaCakes118

Files

a0e951ef4a4306dfc0f157aaeaebe552_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93620e96b603c6d78b7d46550540c291

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

CreateWindowExW
DestroyWindow
EnumChildWindows
SendMessageA
IsWindow
GetDlgItem
GetWindowThreadProcessId

kernel32

AddAtomA
WriteFile
GetCPInfo
UnhandledExceptionFilter
GetOEMCP
GetEnvironmentStrings
EnumResourceLanguagesA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetNumberFormatA
GetEnvironmentStringsW
GetStartupInfoA
SetUnhandledExceptionFilter

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 142KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ