a5aa3753c07eed10acedcc00a1e4ab8b_JaffaCakes118

General

Target

a5aa3753c07eed10acedcc00a1e4ab8b_JaffaCakes118
Size

170KB
MD5

a5aa3753c07eed10acedcc00a1e4ab8b
SHA1

33618270efc8de9a7e09f73b358dbe0e40a4567c
SHA256

8f8cd66b2a9778ba578769f70e6bd66d9642bd8eb3eb9d0425c679084a673ffd
SHA512

0844bc0a33e581659e99e38a9ba22b1377d9a97394c40a3aa434c2616df479f378f4defa67388e2669c79250a6dea5ca1c8308440176c1b64d83995a26fa5fac
SSDEEP

3072:a68vJAPxn4GIsa59FJwwEKKkMwS/S+1aiCMGY2wmrdCpkV5HgVZ8TVJFs3u:ahh6541sYSXh1wSEwGVrkpr0Js3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5aa3753c07eed10acedcc00a1e4ab8b_JaffaCakes118

Files

a5aa3753c07eed10acedcc00a1e4ab8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

563c66f1ff7476b090088dfcf3229ef0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

kernel32

HeapSize
AddAtomA
HeapDestroy
GetEnvironmentStrings
InterlockedExchange
GetModuleFileNameA
GetOEMCP
SetLastError
GetCPInfo
GetStartupInfoA
HeapCreate
VirtualQuery
SetHandleCount
SetEndOfFile
GetFileType
VirtualFree
GetSystemInfo
QueryPerformanceCounter
TlsFree
VirtualAlloc
GetEnvironmentStringsW
EnumResourceNamesA
GetVersionExA
TlsGetValue
GetSystemTimeAsFileTime
GetLocaleInfoA
TlsAlloc
TerminateProcess
lstrcatA
GetStdHandle
GetCurrentProcess
TlsSetValue
FreeEnvironmentStringsA
WriteFile
IsBadWritePtr
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCurrentProcessId
SetUnhandledExceptionFilter

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

SendMessageA
EnumChildWindows
GetDlgItem
DestroyWindow
IsWindow
CreateWindowExW
GetWindowThreadProcessId

Sections

.text
Size: 87KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

563c66f1ff7476b090088dfcf3229ef0

Headers

File Characteristics

Imports

mprapi

shell32

newdev

iphlpapi

kernel32

setupapi

user32

Sections

.text Size: 87KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 512B - Virtual size: 4KB