fb87d3f0ac088047962c8b2aaf932387_JaffaCakes118

General

Target

fb87d3f0ac088047962c8b2aaf932387_JaffaCakes118
Size

283KB
MD5

fb87d3f0ac088047962c8b2aaf932387
SHA1

80d7582241c0e6e73d2700c5e7385f31008d5e89
SHA256

3e4871071d962fab8761bc74a7692fd6a0dc929c36c8d2af1b72077323ccfa76
SHA512

ce9696287de71f0ecc6a94faa93490c3b3be06d9ce053aad965501fa7538ad4d88032ed43858b9976759dde6cf433a914c7a8f0bc9df3a8ce2c11c49b906f454
SSDEEP

6144:89crX1EXSopNBF0BB2LceVV2LRENC/KkFCL4d6QuJVwGUFke:uQEXSopNBFow9mLRPKkALVduF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb87d3f0ac088047962c8b2aaf932387_JaffaCakes118

Files

fb87d3f0ac088047962c8b2aaf932387_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9f9a2b9819b5bfc34e516afdeecebd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
GetDlgItem
SendMessageA
DestroyWindow
CreateWindowExW
IsWindow
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

kernel32

GetEnvironmentStringsW
TlsSetValue
GetCurrentProcess
HeapDestroy
AddAtomA
SetLastError
GetFileType
IsBadWritePtr
SetEndOfFile
VirtualQuery
VirtualFree
GetSystemTimeAsFileTime
TlsFree
FreeEnvironmentStringsW
GetSystemInfo
SetHandleCount
GetEnvironmentStrings
TlsGetValue
TlsAlloc
GetACP
InterlockedExchange
GetStartupInfoA
EnumResourceNamesA
HeapCreate
lstrcatA
FreeEnvironmentStringsA
HeapSize
UnhandledExceptionFilter
GetStdHandle
QueryPerformanceCounter
WriteFile
VirtualAlloc
GetModuleFileNameA
TerminateProcess
GetCPInfo
GetOEMCP
GetVersionExA
GetCurrentProcessId
GetLocaleInfoA
SetUnhandledExceptionFilter

Sections

.text
Size: 143KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9f9a2b9819b5bfc34e516afdeecebd6

Headers

File Characteristics

Imports

user32

newdev

setupapi

shell32

mprapi

iphlpapi

kernel32

Sections

.text Size: 143KB - Virtual size: 275KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 136KB - Virtual size: 136KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 275KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 512B - Virtual size: 4KB