fddeb44d5cb98caff2152cdd45bdbc7c_JaffaCakes118

General

Target

fddeb44d5cb98caff2152cdd45bdbc7c_JaffaCakes118
Size

178KB
MD5

fddeb44d5cb98caff2152cdd45bdbc7c
SHA1

ba4db3fcc70a6d9bf36fca1cc634406bf78950bf
SHA256

0111cde560ace9eadcea4d4c681804b88c7af4a690789298e2bcf4440713a8b1
SHA512

9ea815e2588b9941424533cfbb9dd729f47518d237f740c93bbc9ecb20f513b2b2d018719f319db6828f8010b71c758c471e37febb5b029611f12cdc94a850c4
SSDEEP

3072:DM9sZ6GR3yngcn+3eiZVgdAwx87Nvhp92e1NPS4iIG2pkybcEZw8j5:LwGggc+3UyNvv1dJicksZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fddeb44d5cb98caff2152cdd45bdbc7c_JaffaCakes118

Files

fddeb44d5cb98caff2152cdd45bdbc7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7584c334deae2b76460a85a2a16f71cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

kernel32

HeapDestroy
GetCurrentProcessId
VirtualFree
FreeEnvironmentStringsW
AddAtomA
GetLocaleInfoA
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetStdHandle
GetEnvironmentStrings
GetCurrentProcess
HeapSize
SetLastError
TlsAlloc
WriteFile
EnumResourceLanguagesA
GetVersionExA
TlsFree
GetEnvironmentStringsW
QueryPerformanceCounter
FormatMessageW
TlsSetValue
TlsGetValue
IsBadWritePtr
GetModuleFileNameA
InterlockedExchange
GetFileType
VirtualQuery
GetACP
SetHandleCount
GetStartupInfoA
HeapCreate
GetSystemInfo
GetOEMCP
SetEndOfFile
SetUnhandledExceptionFilter

user32

DestroyWindow
EnumChildWindows
GetDlgItem
CreateWindowExW
IsWindow
SendMessageA
GetWindowThreadProcessId

Sections

.text
Size: 92KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7584c334deae2b76460a85a2a16f71cb

Headers

File Characteristics

Imports

mprapi

newdev

setupapi

shell32

iphlpapi

kernel32

user32

Sections

.text Size: 92KB - Virtual size: 243KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 243KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB