fed14f26b55e5c6399efb0fc60b6bb0f_JaffaCakes118

General

Target

fed14f26b55e5c6399efb0fc60b6bb0f_JaffaCakes118
Size

1.9MB
MD5

fed14f26b55e5c6399efb0fc60b6bb0f
SHA1

afe05bba430254a7877ff49a97f70be81c269903
SHA256

0d358e32b5d5179b47024e12845ac294c52c50a4a5a5e70f345f9bcc4b1f8328
SHA512

deba5719ae4736cd429de513c9345a81ad3f6e2c9937fbd3f683c1804424be9a5ffc6fff4376f9de93dd6775c5c212b8cfbd58d96866bbcf01123df71b987371
SSDEEP

49152:j/UXkHDGGGTPKHvW9s4g3WPHulePC6gahp0JNa:j/bSDPKPW9pg3AOlePC6ga/0JN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fed14f26b55e5c6399efb0fc60b6bb0f_JaffaCakes118

Files

fed14f26b55e5c6399efb0fc60b6bb0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c87e73cf42409641f968b31c47f5457a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
EnumChildWindows
GetDlgItem
CreateWindowExW
IsWindow
SendMessageA
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
AddAtomA
FreeEnvironmentStringsW
VirtualQuery
FreeEnvironmentStringsA
TlsGetValue
TerminateProcess
GetModuleFileNameA
SetEndOfFile
UnhandledExceptionFilter
IsBadWritePtr
GetStartupInfoA
SetHandleCount
InterlockedExchange
TlsAlloc
TlsSetValue
GetCurrentProcess
WriteFile
HeapDestroy
GetOEMCP
GetFileType
EnumResourceLanguagesA
FormatMessageW
VirtualFree
VirtualAlloc
SetLastError
QueryPerformanceCounter
GetACP
GetEnvironmentStringsW
TlsFree
HeapSize
GetLocaleInfoA
GetEnvironmentStrings
GetSystemInfo
GetCPInfo
GetStdHandle
GetVersionExA
HeapCreate
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

Sections

.text
Size: 997KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 961KB - Virtual size: 961KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c87e73cf42409641f968b31c47f5457a

Headers

File Characteristics

Imports

user32

mprapi

kernel32

newdev

shell32

setupapi

iphlpapi

Sections

.text Size: 997KB - Virtual size: 3.9MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 961KB - Virtual size: 961KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 997KB - Virtual size: 3.9MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 961KB - Virtual size: 961KB

.rsrc
Size: 512B - Virtual size: 4KB