f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118

General

Target

f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118
Size

99KB
MD5

f2a253e558976d2d90c49d5154ffe1b8
SHA1

527acecd863143b49546317bb4611fea134b442b
SHA256

d8420ed0c4c492a51f9c7906d590002de6ec86c4b10dad22c33272615a658d84
SHA512

0053d0d2169d10a287f2d01ee6d9b3a4182d5f97ef58cdb3fd66d865c6969df1b0a7b72e3be3b2892aaa9b2ec18152f43216b4da9d2b71142fb2cd737e4db88a
SSDEEP

1536:o0Y1VvGT7BhfHCPp5l+TA6vorP4kFl4lRAPgRrrueZOpEPeH:o0YLefCx7+TdCJPErueZOiWH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118

Files

f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec74767b44e20b8c679a0084d98e8a3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

TlsAlloc
SetHandleCount
AddAtomA
QueryPerformanceCounter
GetLocaleInfoA
HeapDestroy
UnhandledExceptionFilter
SetLastError
TlsFree
TlsSetValue
GetCPInfo
GetCurrentProcessId
InterlockedExchange
GetFileType
IsBadWritePtr
GetModuleFileNameA
VirtualFree
EnumResourceLanguagesA
GetStdHandle
GetACP
GetOEMCP
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
VirtualAlloc
GetStartupInfoA
lstrcpynW
TerminateProcess
GetVersionExA
GetCurrentProcess
WriteFile
GetEnvironmentStrings
FreeEnvironmentStringsW
HeapCreate
TlsGetValue
GetSystemInfo
SetEndOfFile
VirtualQuery
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

IsWindow
GetDlgItem
DestroyWindow
SendMessageA
EnumChildWindows
CreateWindowExW
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec74767b44e20b8c679a0084d98e8a3c

Headers

File Characteristics

Imports

mprapi

kernel32

iphlpapi

setupapi

user32

newdev

shell32

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 512B - Virtual size: 4KB