55219b0bb5bed81a9f2d5866c98dd620_JaffaCakes118

General

Target

55219b0bb5bed81a9f2d5866c98dd620_JaffaCakes118
Size

185KB
MD5

55219b0bb5bed81a9f2d5866c98dd620
SHA1

0b8970bdf9f0099c1ad476a1b7e8932bec43f10a
SHA256

e60ff34b6292e1640b9c9ef128c43017411861cbcfdc83d0a049c4249ee6d055
SHA512

6b519fa61227798de8169d3aff9327b0222655e54eb03557ebd469739fd9b1c30b6fe4a96dd3e34efc5b1b2ab942bfbf01e52ccc1b7060e7ed844f6b21dfd857
SSDEEP

3072:TjM6jJkCpPyO58yvrJagsq43YCz1I/SqvNXjg79l9WIElBxwdiywKR3MdjU0:HMopPr8yzJQ1JI/SqZjgovlLww/KRcdI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55219b0bb5bed81a9f2d5866c98dd620_JaffaCakes118

Files

55219b0bb5bed81a9f2d5866c98dd620_JaffaCakes118
.exe windows:4 windows x86 arch:x86

223dcc4cfa75c2cf8b9cc793d3a3b63c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIA
StrStrA

kernel32

GetStartupInfoA
GlobalAddAtomW
GetModuleHandleW
GetPrivateProfileStringW
FindClose
QueryPerformanceCounter
WaitForSingleObject
GetCurrentThreadId
GetCurrentProcess
GetPrivateProfileIntW
GetProcAddress
WritePrivateProfileStringW
GetPrivateProfileSectionW
lstrlenA
GetWindowsDirectoryA
Sleep
SetFileAttributesW
LoadLibraryW
GetCurrentDirectoryW
LocalFree
FreeLibrary
CreateMutexW
GetProcessHeap
GetModuleHandleA
ReleaseMutex
GetSystemInfo
EnumResourceLanguagesW
GetTickCount
LoadLibraryExW
LoadModule
CompareStringW
GetCurrentProcessId
lstrcmpiW
InterlockedCompareExchange
ExpandEnvironmentStringsW
GetVersionExW
lstrcmpW
SetUnhandledExceptionFilter
GetFileType
InterlockedExchange
CopyFileW
FindNextFileW
HeapAlloc
HeapFree
RtlUnwind
GetSystemDirectoryW
FindFirstFileW
GetLastError
LoadLibraryExA
WritePrivateProfileSectionW

iphlpapi

GetIpAddrTable

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

Sections

.text
Size: 94KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223dcc4cfa75c2cf8b9cc793d3a3b63c

Headers

File Characteristics

Imports

shlwapi

kernel32

iphlpapi

newdev

setupapi

shell32

Sections

.text Size: 94KB - Virtual size: 238KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 238KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB