c7fd5af753f98f1417ae0231c6020ea8_JaffaCakes118

General

Target

c7fd5af753f98f1417ae0231c6020ea8_JaffaCakes118
Size

96KB
MD5

c7fd5af753f98f1417ae0231c6020ea8
SHA1

5500fb4e4f2f45bdfca8f30eb87ca2bc9f943484
SHA256

afd67533c3e1be97290f16074059ec0a21a23c8c62c21e96e21e1572cd559b68
SHA512

44bfc2eb76ceba244a0912d5970f0ec04162268c2af293b89d0c4d51b3a6502e1349e7089a1138b31c51775d1b71adedc48f40425ed5d9f6e7062348ad06bab9
SSDEEP

1536:T8hVEooMjtHgJEgcoFaZpKJ3T3CdSPWXo5XVlIB5EjIrNT+dC4l:TTzcooZpKJ3jhzHl4QM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7fd5af753f98f1417ae0231c6020ea8_JaffaCakes118

Files

c7fd5af753f98f1417ae0231c6020ea8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1042a60ab23be5de307c2747942724

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

user32

DestroyWindow
SendMessageA
CreateWindowExW
EnumChildWindows
IsWindow
GetDlgItem
GetWindowThreadProcessId

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

kernel32

AddAtomA
InterlockedExchange
TlsAlloc
HeapDestroy
GetLocaleInfoA
GetCPInfo
TlsSetValue
GetModuleFileNameA
SetHandleCount
FreeEnvironmentStringsW
GetStartupInfoA
HeapSize
GetStdHandle
VirtualQuery
GetCurrentProcess
SetLastError
TlsGetValue
TlsFree
GetEnvironmentStringsW
SetEndOfFile
TerminateProcess
EnumResourceLanguagesA
GetSystemTimeAsFileTime
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FormatMessageW
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
GetVersionExA
QueryPerformanceCounter
GetSystemInfo
IsBadWritePtr
WriteFile
GetOEMCP
GetCurrentProcessId
SetUnhandledExceptionFilter

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e1042a60ab23be5de307c2747942724

Headers

File Characteristics

Imports

newdev

setupapi

iphlpapi

user32

mprapi

shell32

kernel32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 4KB