a7545d684e5e47e47844c6c208f7d2be_JaffaCakes118

General

Target

a7545d684e5e47e47844c6c208f7d2be_JaffaCakes118
Size

283KB
MD5

a7545d684e5e47e47844c6c208f7d2be
SHA1

d5134bbaf675032ed441177ca75653d4506dc668
SHA256

a54233b1c577395def12a412045f9301d02407c61f24bb1b6c6699a7606a9e33
SHA512

62a3712c7147dca049b975438a8693ccf471ece58cf8b50a8697a7618ee5d4f8326863ebf02d0bcb64e4c2b3c02c97436c8c4d880eba9706cc01c07554784adb
SSDEEP

6144:7yBIvQ6xuIO/taCnq0A8RPAAiwv1MSAAI0R/WPa3YdX9vHj4Si:2BIvrQIO/tS3Wiwv1MRAI0pWPaIBxDpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7545d684e5e47e47844c6c208f7d2be_JaffaCakes118

Files

a7545d684e5e47e47844c6c208f7d2be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
DestroyWindow
GetDlgItem
EnumChildWindows
IsWindow
SendMessageA
GetWindowThreadProcessId

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

VirtualFree
AddAtomA
VirtualQuery
SetLastError
GetStdHandle
GetSystemInfo
QueryPerformanceCounter
TlsFree
GetModuleFileNameA
HeapDestroy
UnhandledExceptionFilter
InterlockedExchange
GetVersionExA
GetEnvironmentStrings
GetOEMCP
HeapCreate
IsBadWritePtr
GetLocaleInfoA
EnumResourceLanguagesA
TlsSetValue
FreeEnvironmentStringsA
HeapSize
SetEndOfFile
VirtualAlloc
WriteFile
SetHandleCount
TerminateProcess
GetEnvironmentStringsW
lstrcpynW
TlsGetValue
GetCurrentProcess
GetStartupInfoA
GetSystemTimeAsFileTime
GetCPInfo
GetFileType
GetACP
FreeEnvironmentStringsW
TlsAlloc
GetCurrentProcessId
SetUnhandledExceptionFilter

Sections

.text
Size: 144KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

Imports

iphlpapi

user32

setupapi

shell32

mprapi

newdev

kernel32

Sections

.text Size: 144KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 512B - Virtual size: 4KB