b450293a2cfa5b14f138fc391adfbd36_JaffaCakes118

General

Target

b450293a2cfa5b14f138fc391adfbd36_JaffaCakes118
Size

169KB
MD5

b450293a2cfa5b14f138fc391adfbd36
SHA1

81cb1b6b7a2dbe8f277855f1d3a4816ba6121ed2
SHA256

2888ca4b3bfdfd3c71c4b3a9571dafdeafaf627dad8cf040df359b8cbd3ba0c6
SHA512

524c31eb8d9245040a33288472eddceb57aaf1dffd292bb1076b9a5f81b3d2d403b2e8678441d80672366d0ac02512f9586f99d56744b8ac4a73374ff69073ed
SSDEEP

3072:mZL6K9oLsylRi2mn+LBSbtmiZmSmjAX+OyfdGRVYaxcLNO1mr9QjaI:mUKORiz+EtmMm/jAXSGjYpAYrejaI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b450293a2cfa5b14f138fc391adfbd36_JaffaCakes118

Files

b450293a2cfa5b14f138fc391adfbd36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a3bb40a8319a6b5be26898f33d736c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

kernel32

TlsGetValue
TlsAlloc
GetCPInfo
InterlockedExchange
AddAtomA
GetOEMCP
GetSystemInfo
GetStdHandle
VirtualQuery
SetHandleCount
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
HeapDestroy
QueryPerformanceCounter
UnhandledExceptionFilter
GetEnvironmentStringsW
GetModuleFileNameA
SetEndOfFile
WriteFile
EnumResourceLanguagesA
GetCurrentProcess
TerminateProcess
HeapCreate
FreeEnvironmentStringsW
GetFileType
HeapSize
IsBadWritePtr
lstrcpynW
GetCurrentProcessId
TlsFree
GetEnvironmentStrings
SetLastError
VirtualAlloc
GetACP
GetLocaleInfoA
GetVersionExA
VirtualFree
TlsSetValue
GetStartupInfoA
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

CreateWindowExW
EnumChildWindows
SendMessageA
IsWindow
GetDlgItem
DestroyWindow
GetWindowThreadProcessId

Sections

.text
Size: 88KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69a3bb40a8319a6b5be26898f33d736c

Headers

File Characteristics

Imports

iphlpapi

kernel32

shell32

newdev

setupapi

mprapi

user32

Sections

.text Size: 88KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB