ece8ea17672274ebb91f23e809cba376_JaffaCakes118

General

Target

ece8ea17672274ebb91f23e809cba376_JaffaCakes118
Size

283KB
MD5

ece8ea17672274ebb91f23e809cba376
SHA1

12309d46681bc163cb84a5c08d7e37cfaf15700e
SHA256

bab25fb93518089767fc3801778d9ed0be4ae634b535cf377bc7f4f791d252b9
SHA512

248d1533f4b4f33b9c06bc7d226d1d525a1f14220fe9ed5cc1a8163ad2f1b821c3b89c0a2fd1b82e330928006a7741ee6086f4026f69d3e601305b1e48da31a7
SSDEEP

6144:7yBlvQ6xuIO/taCnq0A8RPAAiwv1MSAAI0R/WPa3YdX9vHj4Si:2BlvrQIO/tS3Wiwv1MRAI0pWPaIBxDpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece8ea17672274ebb91f23e809cba376_JaffaCakes118

Files

ece8ea17672274ebb91f23e809cba376_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
DestroyWindow
GetDlgItem
EnumChildWindows
IsWindow
SendMessageA
GetWindowThreadProcessId

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

VirtualFree
AddAtomA
VirtualQuery
SetLastError
GetStdHandle
GetSystemInfo
QueryPerformanceCounter
TlsFree
GetModuleFileNameA
HeapDestroy
UnhandledExceptionFilter
InterlockedExchange
GetVersionExA
GetEnvironmentStrings
GetOEMCP
HeapCreate
IsBadWritePtr
GetLocaleInfoA
EnumResourceLanguagesA
TlsSetValue
FreeEnvironmentStringsA
HeapSize
SetEndOfFile
VirtualAlloc
WriteFile
SetHandleCount
TerminateProcess
GetEnvironmentStringsW
lstrcpynW
TlsGetValue
GetCurrentProcess
GetStartupInfoA
GetSystemTimeAsFileTime
GetCPInfo
GetFileType
GetACP
FreeEnvironmentStringsW
TlsAlloc
GetCurrentProcessId
SetUnhandledExceptionFilter

Sections

.text
Size: 144KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

Imports

iphlpapi

user32

setupapi

shell32

mprapi

newdev

kernel32

Sections

.text Size: 144KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 512B - Virtual size: 4KB