ff0b23ba3d984ee80c93a32235615353_JaffaCakes118

General

Target

ff0b23ba3d984ee80c93a32235615353_JaffaCakes118
Size

186KB
MD5

ff0b23ba3d984ee80c93a32235615353
SHA1

0f79a64aff32a5e8c4e123590c3a3a70619d9c2e
SHA256

cda8d8a0d77f7925e9e7f60cbb786b7d67d0de864c7df73ba7d5c5f6c1556ce9
SHA512

a12591e78c20bc0b31fe0e30aed6d6253a287efe58002827cb5f04f2376c41db5d026425fc3eeccf716f2b0599930f267b0013fecbd10bb2003fd9336ceea492
SSDEEP

3072:W72m6FD2WrKrYVR/AZ95H7YzlvK2Yh91fmG3AwB6nZ13l6jx94n0OkUzM3Hn/m1n:WKdFCWmrEZAZ95HUR0P1fm9Caqj740Ou

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff0b23ba3d984ee80c93a32235615353_JaffaCakes118

Files

ff0b23ba3d984ee80c93a32235615353_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b240bcf31e18a48925f210d36e0d2de1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

TlsAlloc
GetStartupInfoA
GetACP
SetEndOfFile
AddAtomA
VirtualAlloc
GetCurrentProcess
TerminateProcess
HeapDestroy
GetEnvironmentStrings
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFileType
GetStdHandle
TlsSetValue
TlsGetValue
SetLastError
EnumResourceLanguagesA
WriteFile
GetLocaleInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsW
TlsFree
VirtualQuery
lstrcpyW
IsBadWritePtr
HeapCreate
QueryPerformanceCounter
InterlockedExchange
VirtualFree
GetEnvironmentStringsW
GetCPInfo
FreeEnvironmentStringsA
SetHandleCount
GetSystemInfo
GetOEMCP
HeapSize
GetModuleFileNameA
GetVersionExA
SetUnhandledExceptionFilter

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

EnumChildWindows
SendMessageA
IsWindow
DestroyWindow
CreateWindowExW
GetDlgItem
GetWindowThreadProcessId

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 100KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b240bcf31e18a48925f210d36e0d2de1

Headers

File Characteristics

Imports

iphlpapi

newdev

kernel32

mprapi

user32

shell32

setupapi

Sections

.text Size: 100KB - Virtual size: 240KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 82KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 240KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 82KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB