b08f846b9ebfd325c52353660f676bde_JaffaCakes118

General

Target

b08f846b9ebfd325c52353660f676bde_JaffaCakes118
Size

179KB
MD5

b08f846b9ebfd325c52353660f676bde
SHA1

6af05329fa04474a6ffd6e9d2ad7b307cc097c9d
SHA256

309acbbfa30aec8b9d0789e307a53d3751c6ff9f8ad417094040707618b92109
SHA512

58746b8b76917c253b3cbca16576f3ee33be2122961785618e345a07299f56bb6dbc5321ccf80f8803e3b8838d62a7c74cd14277ed6a67dfb949af2792f21a6d
SSDEEP

3072:wjr8ceezHP8oufDTV0B4S5vIj4m1E+fll+ZfUfxDyvO+AQTzICAOplRURrReppf:wjrVP87fvVPgvIj438xWvO+AsEC3irRs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b08f846b9ebfd325c52353660f676bde_JaffaCakes118

Files

b08f846b9ebfd325c52353660f676bde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31cb80ce0e76673fd5c7156bf10a2cb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DestroyWindow
GetDlgItem
IsWindow
EnumChildWindows
CreateWindowExW
GetWindowThreadProcessId

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

kernel32

AddAtomA
GetFileType
GetACP
SetLastError
HeapDestroy
VirtualQuery
HeapCreate
UnhandledExceptionFilter
GetSystemInfo
GetEnvironmentStringsW
GetStdHandle
TerminateProcess
FreeEnvironmentStringsW
GetCPInfo
SetEndOfFile
GetLocaleInfoA
SetHandleCount
GetVersionExA
GetEnvironmentStrings
TlsAlloc
EnumResourceLanguagesA
VirtualFree
TlsSetValue
GetDiskFreeSpaceW
HeapSize
GetStartupInfoA
FreeEnvironmentStringsA
IsBadWritePtr
GetCurrentProcessId
InterlockedExchange
TlsGetValue
QueryPerformanceCounter
VirtualAlloc
WriteFile
GetCurrentProcess
GetOEMCP
GetModuleFileNameA
GetSystemTimeAsFileTime
TlsFree
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 89KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31cb80ce0e76673fd5c7156bf10a2cb5

Headers

File Characteristics

Imports

user32

setupapi

mprapi

iphlpapi

shell32

kernel32

newdev

Sections

.text Size: 89KB - Virtual size: 237KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 237KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB